Ubuntu CVE Tracker

Merge lp:~teward/ubuntu-cve-tracker/putty-CVE-2015-2157-update into lp:~ubuntu-security/ubuntu-cve-tracker/master

  1. putty-CVE-2015-2157-update
  2. Merge into master
Proposed by Thomas Ward
Status: Merged
Merge reported by: Marc Deslauriers
Merged at revision: not available
Proposed branch: lp:~teward/ubuntu-cve-tracker/putty-CVE-2015-2157-update
Merge into: lp:~ubuntu-security/ubuntu-cve-tracker/master
Diff against target: 17 lines (+3/-3)
1 file modified
active/CVE-2015-2157 (+3/-3)
To merge this branch: bzr merge lp:~teward/ubuntu-cve-tracker/putty-CVE-2015-2157-update
Reviewer Review Type Date Requested Status
Ubuntu Security Team Pending
Review via email: mp+262614@code.launchpad.net

Description of the change

CVE-2015-2157 against Putty is missing some accurate information, so I've provided an updated version here.

Summary:
* Vulnerability was fixed Upstream in 0.64.
* The vulnerability was fixed in Vivid with 0.63-10, from Debian, which has a fix included.
* The vulnerability does not affect Wily since Wily has 0.64-1, from Debian.

I am not planning on providing a security debdiff, I am merely making sure this CVE entry is accurate.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'active/CVE-2015-2157'
2--- active/CVE-2015-2157 2015-04-30 13:58:07 +0000
3+++ active/CVE-2015-2157 2015-06-22 17:42:23 +0000
4@@ -16,10 +16,10 @@
5 Assigned-to:
6
7 Patches_putty:
8-upstream_putty: needs-triage
9+upstream_putty: released (0.64)
10 lucid_putty: ignored (reached end-of-life)
11 precise_putty: needs-triage
12 trusty_putty: needs-triage
13 utopic_putty: needs-triage
14-vivid_putty: needs-triage
15-devel_putty: needs-triage
16+vivid_putty: released (0.63-10)
17+devel_putty: not-affected (0.64-1)