| Summary: | openssh missing fixes for CVE-2016-10009 and CVE-2016-10011 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | David Walser <luigiwalser> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | marja11 |
| Version: | 5 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | openssh-6.6p1-5.10.mga5.src.rpm | CVE: | |
| Status comment: | Fix checked into SVN | ||
|
Description
David Walser
2018-01-26 05:12:12 CET
Patches from Ubuntu added in Mageia 5 SVN.
David Walser
2018-02-02 18:11:29 CET
Status comment:
(none) =>
Fix checked into SVN SUSE has issued an advisory for CVE-2016-10708 today (July 19): http://lists.suse.com/pipermail/sle-security-updates/2018-July/004283.html The SUSE bug has a link to the upstream commit that fixed the issue (in 7.4): https://bugzilla.suse.com/show_bug.cgi?id=1076957 openSUSE has issued an advisory for CVE-2016-10708 on July 28: https://lists.opensuse.org/opensuse-updates/2018-07/msg00086.html One more fix to include: http://openwall.com/lists/oss-security/2018/08/15/5 (In reply to David Walser from comment #4) > One more fix to include: > http://openwall.com/lists/oss-security/2018/08/15/5 This is CVE-2018-15473: http://openwall.com/lists/oss-security/2018/08/17/8 The limited support Mga5 continued to have after its official EOL has ended, so closing this bug as OLD. Status:
NEW =>
RESOLVED |