Re: Status of CVE-2008-1615 in stable?

To: Michael Gilbert <michael.s.gilbert@gmail.com>
Cc: debian-security@lists.debian.org
Subject: Re: Status of CVE-2008-1615 in stable?
From: dann frazier <dannf@dannf.org>
Date: Thu, 22 May 2008 23:21:22 -0600
Message-id: <[🔎] 20080523052122.GF32742@colo.lackof.org>
In-reply-to: <[🔎] 8e2a98be0805222023p60c29ad3nc52b750272a1eb0d@mail.gmail.com>
References: <[🔎] 8e2a98be0805222023p60c29ad3nc52b750272a1eb0d@mail.gmail.com>

On Thu, May 22, 2008 at 11:23:36PM -0400, Michael Gilbert wrote:
> Looks like redhat recently released updates [1] that fix the
> high-severity vulnerability described by CVE-2008-1615 [2].  Will a
> similar fix be pushed out to debian etch any time soon?

yes, a patch for this is queued for the next update which I expect to
be released this weekend.

> It looks like it should be pretty straightforward since it is a
> one-line patch [2].
> 
> [1] http://rhn.redhat.com/errata/RHSA-2008-027
> [2] http://security-tracker.debian.net/tracker/CVE-2008-16155.html
> [3] https://bugzilla.redhat.com/attachment.cgi?id=294062
> 
> 

-- 
dann frazier

Reply to:

Follow-Ups:
- Re: Status of CVE-2008-1615 in stable?
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

References:
- Status of CVE-2008-1615 in stable?
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

Prev by Date: Status of CVE-2008-1615 in stable?
Next by Date: Re: openssh remote upgrade procedure?
Previous by thread: Status of CVE-2008-1615 in stable?
Next by thread: Re: Status of CVE-2008-1615 in stable?
Index(es):
- Date
- Thread