[opensuse] CVE-2015-6564 and OpenSuSE 13.1
Hello all, In date 13 Aug 2015 a new vulnerability on OpenSSH < 6.9p1 is published. Into OpenSuSE 13.1 we have openssh-6.2p2-3.4.1 updated on 8 Jan 2015. That vulnerability does not interest OpenSuSE? Is not vulnerable? http://seclists.org/fulldisclosure/2015/Aug/54 Cordially, Claudio Prono. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-09-02 11:03, Claudio ML wrote:
Hello all,
In date 13 Aug 2015 a new vulnerability on OpenSSH < 6.9p1 is published. Into OpenSuSE 13.1 we have openssh-6.2p2-3.4.1 updated on 8 Jan 2015. That vulnerability does not interest OpenSuSE? Is not vulnerable?
Remember that the policy here is to backport, not to update versions. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlXmyG8ACgkQja8UbcUWM1zUKQEAmj76z+FKRgbN5sp3qR9X3GU3 /moUN9LDqPfok+0OCFIA/2vaf1fi+rpgE6EkoWRoLPsbuczBE2bImyS1hUeaiVQU =/ydk -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, Sep 02, 2015 at 11:59:11AM +0200, Carlos E. R. wrote:
On 2015-09-02 11:03, Claudio ML wrote:
Hello all,
In date 13 Aug 2015 a new vulnerability on OpenSSH < 6.9p1 is published. Into OpenSuSE 13.1 we have openssh-6.2p2-3.4.1 updated on 8 Jan 2015. That vulnerability does not interest OpenSuSE? Is not vulnerable?
Remember that the policy here is to backport, not to update versions.
It is tracked in Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-6564 But the regular openssh maintainer has not proceeded on it yet. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Carlos E. R.
-
Claudio ML
-
Marcus Meissner