[Secure-testing-commits] r26326 - data/CVE

Salvatore Bonaccorso Fri, 28 Mar 2014 15:22:25 -0700

Author: carnil
Date: 2014-03-28 22:22:12 +0000 (Fri, 28 Mar 2014)
New Revision: 26326


Modified:
   data/CVE/list
Log:
Two openssh issues fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-03-28 20:48:02 UTC (rev 26325)
+++ data/CVE/list       2014-03-28 22:22:12 UTC (rev 26326)
@@ -9,7 +9,7 @@
        - postfixadmin 2.3.5-3
        NOTE: http://sourceforge.net/p/postfixadmin/code/1650
 CVE-2014-2653 [if the server offers a certificate, the client doesn't check 
the DNS for SSHFP records]
-       - openssh <unfixed> (low; bug #742513)
+       - openssh 1:6.6p1-1 (low; bug #742513)
 CVE-2014-2652
        RESERVED
 CVE-2014-2651
@@ -333,7 +333,7 @@
        [wheezy] - xen <not-affected> (Only exploitable with Linux >= 3.12)
        [squeeze] - xen <not-affected> (Only exploitable with Linux >= 3.12)
 CVE-2014-2532 (sshd in OpenSSH before 6.6 does not properly support wildcards 
on ...)
-       - openssh <unfixed>
+       - openssh 1:6.6p1-1
        NOTE: Default sshd_config in Debian has AcceptEnv LANG LC_*
        NOTE: 
http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2
 CVE-2014-2581 [credentials cache leak]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r26326 - data/CVE

Reply via email to