[Secure-testing-commits] r51625 - data/CVE

security tracker role Sun, 14 May 2017 14:10:31 -0700

Author: sectracker
Date: 2017-05-14 21:10:11 +0000 (Sun, 14 May 2017)
New Revision: 51625


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-14 20:53:19 UTC (rev 51624)
+++ data/CVE/list       2017-05-14 21:10:11 UTC (rev 51625)
@@ -9493,7 +9493,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
        NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189
 CVE-2016-10189 (BitlBee before 3.5 allows remote attackers to cause a denial 
of ...)
-       {DLA-832-1}
+       {DSA-3853-1 DLA-832-1}
        - bitlbee 3.5-1
        NOTE: https://bugs.bitlbee.org/ticket/1282
        NOTE: Fixed by: 
https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f
 (3.5)
@@ -9502,7 +9502,7 @@
        NOTE: 
https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441
        NOTE: to not open CVE-2017-5668
 CVE-2016-10188 (Use-after-free vulnerability in bitlbee-libpurple before 3.5 
allows ...)
-       {DLA-832-1}
+       {DSA-3853-1 DLA-832-1}
        - bitlbee 3.5-1
        NOTE: https://bugs.bitlbee.org/ticket/1281
        NOTE: Fixed by: 
https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2
 (3.5)
@@ -16716,6 +16716,7 @@
        - bind9 <not-affected> (RHEL6 specific)
 CVE-2017-3138 [named exits with a REQUIRE assertion failure if it receives a 
null command string on its control channel]
        RESERVED
+       {DSA-3854-1}
        - bind9 1:9.10.3.dfsg.P4-12.3 (bug #860226)
        NOTE: https://kb.isc.org/article/AA-01471
        NOTE: Fixed by (9.10.x): 
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=a636604b20cc0aaabc8edbb7595f7c1c820b7610
@@ -16726,6 +16727,7 @@
        NOTE: The CVE-2017-3138 is barely an issue in practice anyway.
 CVE-2017-3137 [A response packet can cause a resolver to terminate when 
processing an answer containing a CNAME or DNAME]
        RESERVED
+       {DSA-3854-1}
        - bind9 1:9.10.3.dfsg.P4-12.3 (bug #860225)
        NOTE: https://kb.isc.org/article/AA-01466
        NOTE: Additional information for backporting patch: 
http://www.openwall.com/lists/oss-security/2017/04/17/5
@@ -16734,6 +16736,7 @@
        NOTE: Fixed by (9.10.x): 
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=7ab9e8e00775782d474522a5b2bffba8daefefa5
 (regression fix)
 CVE-2017-3136 [An error handling synthesized records could cause an assertion 
failure when using DNS64 with "break-dnssec yes;"]
        RESERVED
+       {DSA-3854-1}
        - bind9 1:9.10.3.dfsg.P4-12.3 (bug #860224)
        NOTE: https://kb.isc.org/article/AA-01465
        NOTE: Fixed by (9.10.x): 
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=764240ca07ab1b796226d5402ccd9fbfa77ec32a


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51625 - data/CVE

Reply via email to