Summary: | <net-misc/openssh-6.9_p1-r2: two security issues (CVE-2015-5352) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, chutzpah |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/07/01/7 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=555316 | ||
Whiteboard: | A3 [glsa cve cleanup] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-07-01 12:39:01 UTC
+*openssh-6.9_p1 (01 Jul 2015) + + 01 Jul 2015; Lars Wendler <polynomial-c@gentoo.org> + -openssh-6.7_p1-r3.ebuild, -openssh-6.8_p1.ebuild, -openssh-6.8_p1-r1.ebuild, + -openssh-6.8_p1-r2.ebuild, -openssh-6.8_p1-r3.ebuild, + -openssh-6.8_p1-r4.ebuild, +openssh-6.9_p1.ebuild: + Security bump (bug #553724). Removed old. + There's yet no x509 patch available for openssh-6.9_p1 so -r0 should not go stable. openssh-6.9_p1-r1 added to the tree with the X509 patch is it ok to go stable? (In reply to Mikle Kolyada from comment #3) i'm going to add a -r2 with an update hpn patchset. there's some things in there i want to remove (like the server logging). i've added 6.9p1-r2 to the tree now. give it a few days to bake and then move forward w/stabilizing. Ping for stabilization, works fine on my boxes. amd64 stable Stable for PPC64. Stable for HPPA. arm stable Stable on alpha. x86 stable ppc stable sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). Maintainer(s), please drop the vulnerable version(s). This issue was resolved and addressed in GLSA 201512-04 at https://security.gentoo.org/glsa/201512-04 by GLSA coordinator Yury German (BlueKnight). Re-opening for cleanup. Maintainer(s), please drop the vulnerable version(s). Arches and Maintainer(s), Thank you for your work. |