[Secure-testing-commits] r53580 - data/CVE

Mon, 17 Jul 2017 12:30:51 -0700 

Author: carnil
Date: 2017-07-17 19:30:26 +0000 (Mon, 17 Jul 2017)
New Revision: 53580

Modified:
   data/CVE/list
Log:
Add CVE-2017-10982

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-07-17 19:25:37 UTC (rev 53579)
+++ data/CVE/list       2017-07-17 19:30:26 UTC (rev 53580)
@@ -1175,8 +1175,14 @@
        NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-206
        NOTE: 2.x: 
https://github.com/FreeRADIUS/freeradius-server/commit/ec08b30f87066f82073d02fab57e8ffeef81373d
        NOTE: 3.x: 
https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d
-CVE-2017-10982
+CVE-2017-10982 [DHCP - Read overflow in fr_dhcp_decode_options()]
        RESERVED
+       - freeradius 3.0.12+dfsg-3
+       NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-205
+       NOTE: 
https://github.com/FreeRADIUS/freeradius-server/commit/10b6de9345c9e0d9d4d5e0426fa5c3d68d702875
+       NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
+       NOTE: This is not fully technically correct, the issue affects only the 
2.x
+       NOTE: series but not 3.x.
 CVE-2017-10981
        RESERVED
 CVE-2017-10980


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to