Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f4a8548a by Salvatore Bonaccorso at 2018-03-03T14:40:27+01:00 Correct references to commits for isc-dhcp While triaging I swapped the two commits, and wrongly associated the one for CVE-2018-5732 with CVE-2018-5733 and viceversa. Reference the (yet) non-public bug reports. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -5566,13 +5566,15 @@ CVE-2018-5733 [A malicious client can overflow a reference counter in ISC dhcpd] RESERVED - isc-dhcp <unfixed> (bug #891785) NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733 - NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1) + NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47140 + NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8 (4.4.1) NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3 CVE-2018-5732 [A specially constructed response from a malicious server can cause a buffer overflow in dhclient] RESERVED - isc-dhcp <unfixed> (bug #891786) NOTE: https://kb.isc.org/article/AA-01565/75/CVE-2018-5732 - NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8 (4.4.1) + NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139 + NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1) NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3 CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in ...) - curl 7.58.0-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits