Date: Fri, 6 Jan 2017 16:36:47 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: freebsd security <freebsd-security@freebsd.org> Subject: Re: VuXML entry for openssh - 10.3 sshd in base vulnerable Message-ID: <586FB98F.2050500@quip.cz> In-Reply-To: <586BA308.8060402@quip.cz> References: <586BA308.8060402@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Miroslav Lachman wrote on 2017/01/03 14:11: > Security entries for base are in VuXML for some time so we are checking > it periodically. Now we have an alert for base sshd in 10.3-p14 and -15 > too. > > # pkg audit FreeBSD-10.3_15 > FreeBSD-10.3_15 is vulnerable: > openssh -- multiple vulnerabilities > CVE: CVE-2016-10010 > CVE: CVE-2016-10009 > WWW: > https://vuxml.FreeBSD.org/freebsd/2aedd15f-ca8b-11e6-a9a5-b499baebfeaf.html > > 1 problem(s) in the installed packages found. > > > But there is no advisory on > https://www.freebsd.org/security/advisories.html for this problem. > > Is it false alarm? Or did I missed something? 3 days without reply... Please, can somebody from FreeBSD team clarify if sshd in base is vulnerable or not? Kind regards Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?586FB98F.2050500>