[Git][security-tracker-team/security-tracker][master] Clarifiy notes on followup fixes

Fri, 26 Jul 2019 14:14:42 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f3d8fbc7 by Salvatore Bonaccorso at 2019-07-26T21:12:50Z
Clarifiy notes on followup fixes

There is not really an issue with the CVE-2018-1000156, but make clear
what the functional regression is about and reference the reported
Debian bug in the BTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -196371,10 +196371,10 @@ CVE-2018-1000156 (GNU Patch version 2.7.6 contains 
an input validation vulnerabi
        NOTE: 
http://git.savannah.gnu.org/cgit/patch.git/commit/?id=123eaff0d5d1aebe128295959435b9ca5909c26d
        NOTE: Respective patch in FreeBSD: 
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:18.bsdpatch.asc
        NOTE: Respective patch in OpenBSD: 
https://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/013_patch.patch.sig
-       NOTE: Regression with only the initial commit:
+       NOTE: (Functional) regression/issue introduced with only the initial 
commit:
        NOTE: https://savannah.gnu.org/bugs/?53820
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1092500
-       NOTE: Followup fixes:
+       NOTE: Followup fixes needed to address https://bugs.debian.org/933140
        NOTE: 
http://git.savannah.gnu.org/cgit/patch.git/commit/?id=19599883ffb6a450d2884f081f8ecf68edbed7ee
        NOTE: 
http://git.savannah.gnu.org/cgit/patch.git/commit/?id=369dcccdfa6336e5a873d6d63705cfbe04c55727
 CVE-2015-1417 (The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 
10.2-BETA2-p2 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3d8fbc731f7bfed99485ca35cebd79964eb73a0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3d8fbc731f7bfed99485ca35cebd79964eb73a0
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to