[Secure-testing-commits] r39404 - in data: . CVE

Mon, 01 Feb 2016 16:25:05 -0800 

Author: anarcat
Date: 2016-02-01 22:19:32 +0000 (Mon, 01 Feb 2016)
New Revision: 39404

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
mark the openssh issue as solved, as with wheezy and jessie

it is not worth trying to reproduce it in squeeze if we disable untrusted 
connexions by default anyways

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-02-01 21:47:10 UTC (rev 39403)
+++ data/CVE/list       2016-02-01 22:19:32 UTC (rev 39404)
@@ -1099,13 +1099,13 @@
        - openssh <unfixed>
        [jessie] - openssh <no-dsa> (Minor issue)
        [wheezy] - openssh <no-dsa> (Minor issue)
+       [squeeze] - openssh <no-dsa> (Minor issue)
        NOTE: Upstream commit: 
https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
        NOTE: which needs to be applied after: 
https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
        NOTE: Background information on X11 SECURITY extension and SSH: 
https://thejh.net/written-stuff/openssh-6.8-xsecurity
        NOTE: 
https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
        NOTE: Red Hat Bugzilla entry: 
https://bugzilla.redhat.com/show_bug.cgi?id=1298741
        NOTE: vulnerability is partly due to 
/etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 
1:7.6+9 (wheezy and up)
-       TODO: check if squeeze is vulnerable
 CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH 
before 7.1p2 ...)
        - openssh 1:7.1p2-1
        [jessie] - openssh <not-affected> (Vulnerable code not present; 
Introduced in OpenSSH 6.8)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-02-01 21:47:10 UTC (rev 39403)
+++ data/dla-needed.txt 2016-02-01 22:19:32 UTC (rev 39404)
@@ -65,8 +65,6 @@
 --
 openjdk-6 (Markus Koschany)
 --
-openssh (Guido Günther)
---
 php5 (Thorsten Alteholz)
   NOTE: next upload end of December
 --


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to