Hi On Wed, Aug 09, 2017 at 09:21:42AM +0100, Adam Weremczuk wrote: > Hello, > > Could somebody confirm the status of the following: > > CVE-2014-1692 > CVE-2014-2532 > CVE-2015-5352 > CVE-2015-5600 > CVE-2015-6563 > CVE-2015-6564 > CVE-2015-6565 > CVE-2016-10009 > CVE-2016-10010 > CVE-2016-10011 > CVE-2016-10012 > OSVDB-144000 > > in 6.0p1-4+deb7u6 ?
The security-tracker can help you verifying the status for certain CVEs and source packages. For openssh, have a look at: https://security-tracker.debian.org/tracker/source-package/openssh > > I've searched for references in > /usr/share/doc/openssh-server/changelog.Debian on a system running > 6.0p1-4+deb7u6 version on wheezy 7.1 but couldn't find them. > > Also: > > https://packages.debian.org/wheezy/openssh-server --> "Debian Changelog" > returns 404 not found. > > Why is that? That's unfortunately because of https://bugs.debian.org/490848 (and the related merged bugs). Regards, Salvatore