Author: jmm
Date: 2015-08-13 22:04:07 +0000 (Thu, 13 Aug 2015)
New Revision: 36042
Modified:
data/CVE/list
Log:
openssh no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-13 21:49:12 UTC (rev 36041)
+++ data/CVE/list 2015-08-13 22:04:07 UTC (rev 36042)
@@ -12,11 +12,17 @@
NOTE: Issue introduced with
https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2
(V_6_8_P1)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/08/12/1
CVE-2015-XXXX [Privilege separation weakness related to PAM support]
- - openssh <unfixed>
+ - openssh <unfixed> (low)
+ [jessie] - openssh <no-dsa> (Minor issue)
+ [wheezy] - openssh <no-dsa> (Minor issue)
+ [squeeze] - openssh <no-dsa> (Minor issue)
NOTE:
https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/08/11/9
CVE-2015-XXXX [Use-after-free bug related to PAM support]
- - openssh <unfixed>
+ - openssh <unfixed> (low)
+ [jessie] - openssh <no-dsa> (Minor issue)
+ [wheezy] - openssh <no-dsa> (Minor issue)
+ [squeeze] - openssh <no-dsa> (Minor issue)
NOTE:
https://anongit.mindrot.org/openssh.git/commit/?id=5e75f5198769056089fb06c4d738ab0e5abc66f7
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/08/11/9
CVE-2015-XXXX [Mediawiki Security and Maintenance Releases: 1.25.2, 1.24.3,
1.23.10]
@@ -2003,7 +2009,6 @@
RESERVED
- openslp-dfsg <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
- TODO: check
CVE-2015-5176 (The PortletRequestDispatcher in PortletBridge, as used in Red
Hat ...)
NOT-FOR-US: PortletBridge component in JBoss Portal
CVE-2015-5175
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
