[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Correct references to commits for isc-dhcp

Sat, 03 Mar 2018 05:41:52 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f4a8548a by Salvatore Bonaccorso at 2018-03-03T14:40:27+01:00
Correct references to commits for isc-dhcp

While triaging I swapped the two commits, and wrongly associated the one
for CVE-2018-5732 with CVE-2018-5733 and viceversa.

Reference the (yet) non-public bug reports.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5566,13 +5566,15 @@ CVE-2018-5733 [A malicious client can overflow a 
reference counter in ISC dhcpd]
        RESERVED
        - isc-dhcp <unfixed> (bug #891785)
        NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
-       NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d
 (4.4.1)
+       NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47140
+       NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8
 (4.4.1)
        NOTE: Fixes for 4.3.6p1: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
 CVE-2018-5732 [A specially constructed response from a malicious server can 
cause a buffer overflow in dhclient]
        RESERVED
        - isc-dhcp <unfixed> (bug #891786)
        NOTE: https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
-       NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8
 (4.4.1)
+       NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139
+       NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d
 (4.4.1)
        NOTE: Fixes for 4.3.6p1: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
 CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out 
bounds read in ...)
        - curl 7.58.0-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to