Date: Fri, 6 Jan 2017 16:36:47 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: freebsd security <freebsd-security@freebsd.org> Subject: Re: VuXML entry for openssh - 10.3 sshd in base vulnerable Message-ID: <586FB98F.2050500@quip.cz> In-Reply-To: <586BA308.8060402@quip.cz>
index | next in thread | previous in thread | raw e-mail
Miroslav Lachman wrote on 2017/01/03 14:11: > Security entries for base are in VuXML for some time so we are checking > it periodically. Now we have an alert for base sshd in 10.3-p14 and -15 > too. > > # pkg audit FreeBSD-10.3_15 > FreeBSD-10.3_15 is vulnerable: > openssh -- multiple vulnerabilities > CVE: CVE-2016-10010 > CVE: CVE-2016-10009 > WWW: > https://vuxml.FreeBSD.org/freebsd/2aedd15f-ca8b-11e6-a9a5-b499baebfeaf.html > > 1 problem(s) in the installed packages found. > > > But there is no advisory on > https://www.freebsd.org/security/advisories.html for this problem. > > Is it false alarm? Or did I missed something? 3 days without reply... Please, can somebody from FreeBSD team clarify if sshd in base is vulnerable or not? Kind regards Miroslav Lachmanhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?586FB98F.2050500>