Author: jmm-guest Date: 2005-04-06 19:16:09 +0000 (Wed, 06 Apr 2005) New Revision: 771 Modified: sarge-checks/CAN/list Log: Cannot be fixed, that''s the way ssh works. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-06 18:27:32 UTC (rev 770) +++ sarge-checks/CAN/list 2005-04-06 19:16:09 UTC (rev 771) @@ -1544,7 +1544,8 @@ CAN-2004-1654 (SQL injection vulnerability in the calendar module in phpWebsite ...) NOTE: not-for-us (phpWebsite) CAN-2004-1653 (The default configuration for OpenSSH enables AllowTcpForwarding, ...) - - ssh (unfixed; bug #296547) + NOTE: not-for-us (Documented SSH protocol behaviour, cannot be fixed) + NOTE: See bug #296547 for details CAN-2004-1652 (phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if ...) NOTE: not-for-us (phpScheduleIt) CAN-2004-1651 (Multiple Cross-site scripting (XSS) vulnerabilities in the ...)