[Secure-testing-commits] r39379 - data/CVE

Salvatore Bonaccorso Sun, 31 Jan 2016 05:57:07 -0800

Author: carnil
Date: 2016-01-31 11:54:31 +0000 (Sun, 31 Jan 2016)
New Revision: 39379


Modified:
   data/CVE/list
Log:
Update information for CVE-2015-8630

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-31 11:54:21 UTC (rev 39378)
+++ data/CVE/list       2016-01-31 11:54:31 UTC (rev 39379)
@@ -2962,7 +2962,11 @@
 CVE-2015-8630 [krb5 doesn't check for null policy when KADM5_POLICY is set in 
the mask]
        RESERVED
        - krb5 <unfixed> (bug #813127)
+       [wheezy] - krb5 <not-affected> (Vulnerability introduced in 1.12)
+       [squeeze] - krb5 <not-affected> (Vulnerability introduced in 1.12)
        NOTE: Fixed by: 
https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b
+       NOTE: Introduced by: 
https://github.com/krb5/krb5/commit/0780e46fc13dbafa177525164997cd204cc50b51 
(krb5-1.12-alpha1)
+       TODO: double checking with maintainers if assessment for wheezy and 
before is correct
 CVE-2015-8629 [xdr_nullstring() doesn't check for terminating null character]
        RESERVED
        - krb5 <unfixed> (bug #813296)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39379 - data/CVE

Reply via email to