Author: carnil
Date: 2017-06-21 20:21:15 +0000 (Wed, 21 Jun 2017)
New Revision: 52789
Modified:
data/CVE/list
Log:
Add bug reference for openvpn issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-21 19:52:39 UTC (rev 52788)
+++ data/CVE/list 2017-06-21 20:21:15 UTC (rev 52789)
@@ -6602,14 +6602,14 @@
NOTE: code present.
CVE-2017-7521 [Potential double-free in --x509-alt-username and memory leaks]
RESERVED
- - openvpn <unfixed>
+ - openvpn <unfixed> (bug #865480)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/cb4e35ece4
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/2d032c7fcd
NOTE:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
CVE-2017-7520 [Pre-authentication remote crash/information disclosure for
clients]
RESERVED
- - openvpn <unfixed>
+ - openvpn <unfixed> (bug #865480)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/7718c8984f
NOTE:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
@@ -6648,7 +6648,7 @@
NOT-FOR-US: Red Hat Certificate System
CVE-2017-7508 [Remotely-triggerable ASSERT() on malformed IPv6 packet]
RESERVED
- - openvpn <unfixed>
+ - openvpn <unfixed> (bug #865480)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
NOTE:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/c3f47077a7
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
