Author: nion
Date: 2007-10-28 15:56:33 +0000 (Sun, 28 Oct 2007)
New Revision: 7130
Modified:
data/CVE/list
Log:
CVE-2007-3102 openssh-server not-affected, see notes
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-28 15:44:18 UTC (rev 7129)
+++ data/CVE/list 2007-10-28 15:56:33 UTC (rev 7130)
@@ -6613,7 +6613,10 @@
{DSA-1342-1}
- xfs 1:1.0.4-2
CVE-2007-3102 (Unspecified vulnerability in the linux_audit_record_event
function in ...)
- TODO: check
+ - openssh-server <not-affected> (This is a redhat/fedora specific issue)
+ NOTE: this issue was introduced by a patch of redhat
(openssh-4.3p1-audit.patch)
+ NOTE: The patch fixing this (openssh-4.3p2-cve-2007-3102.patch) can be found
on:
+ NOTE:
http://mirror.linux.duke.edu/pub/fedora/linux/core/updates/6/SRPMS/openssh-4.3p2-25.fc6.src.rpm
CVE-2007-3101 (Multiple cross-site scripting (XSS) vulnerabilities in certain
JSF ...)
NOT-FOR-US: Apache MyFaces Tomahawk
CVE-2007-3100 (usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before
...)