Author: carnil
Date: 2016-12-19 19:37:07 +0000 (Mon, 19 Dec 2016)
New Revision: 47230
Modified:
data/CVE/list
Log:
Add bug references for openssh issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-19 19:07:22 UTC (rev 47229)
+++ data/CVE/list 2016-12-19 19:37:07 UTC (rev 47230)
@@ -2,26 +2,26 @@
- xen <unfixed> (bug #848713)
NOTE: https://xenbits.xen.org/xsa/advisory-204.html
CVE-2016-10012 [sshd(8): shared memory manager bounds checks that could be
elided by some optimising compilers potentially allow attacks against the
privileged monitor process from the sandboxed privilege-separation process]
- - openssh <unfixed>
+ - openssh <unfixed> (bug #848717)
NOTE: Fixed in upstream 7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.h
NOTE: https://www.openssh.com/txt/release-7.4
TODO: check affected versions
CVE-2016-10011 [sshd(8): theoretical leak of host private key material to
privilege-separated child processes via realloc()]
- - openssh <unfixed>
+ - openssh <unfixed> (bug #848716)
NOTE: Fixed in upstream 7.4
NOTE:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c
NOTE: https://www.openssh.com/txt/release-7.4
TODO: check affected versions
CVE-2016-10010 [sshd(8): When privilege separation is disabled, forwarded
Unix-domain sockets would be created by sshd(8) with the privileges of 'root']
- - openssh <unfixed>
+ - openssh <unfixed> (bug #848715)
NOTE: Fixed in upstream 7.4
NOTE:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/serverloop.c
NOTE: https://www.openssh.com/txt/release-7.4
TODO: check affected versions
CVE-2016-10009 [ssh-agent(1): load PKCS#11 modules from paths outside a
trusted whitelist]
- - openssh <unfixed>
+ - openssh <unfixed> (bug #848714)
NOTE: Fixed in upstream 7.4
NOTE:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-agent.c
NOTE: https://www.openssh.com/txt/release-7.4
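Review bot: The three "TODO: check affected versions" lines under CVE-2016-10012, CVE-2016-10011 and CVE-2016-10010 are still open after this change, and all four openssh entries remain "<unfixed>" with only "Fixed in upstream 7.4" as version information. Now that each entry has its own bug, it would help to record the affected-version findings in the entries as they come in, so the TODOs can be dropped. The visible context for CVE-2016-10009 ends without a TODO line, so it is worth confirming whether that entry needs the same check. The bug numbers also run in descending order against the CVE ids (#848717 for CVE-2016-10012 down to #848714 for CVE-2016-10009), consecutive and differing by one digit, so please verify each pairing against the bug titles, since a transposition here would be hard to spot later.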
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits