[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Wrap long comment

Mon, 15 Jan 2018 22:18:07 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
62f22e31 by Salvatore Bonaccorso at 2018-01-16T06:10:41+01:00
Wrap long comment

- - - - -
d3bc85a9 by Salvatore Bonaccorso at 2018-01-16T07:17:14+01:00
Add CVE-2017-3144/isc-dhcp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -41,7 +41,8 @@ CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite 
loop and applicati
        - graphicsmagick 1.3.27-4 (bug #887158)
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6
        NOTE: https://sourceforge.net/p/graphicsmagick/bugs/541/
-       NOTE: Before 1.3.27, the problem only affects 32-bit architectures 
(i.e., 4-byte long) it expanded to 64-bit architectures with upstream commit 
be5e89e6032d
+       NOTE: Before 1.3.27, the problem only affects 32-bit architectures 
(i.e., 4-byte long) it
+       NOTE: expanded to 64-bit architectures with upstream commit be5e89e6032d
 CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the 
...)
        - libav <removed>
        NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1110
@@ -57078,8 +57079,11 @@ CVE-2017-3146
        RESERVED
 CVE-2017-3145
        RESERVED
-CVE-2017-3144
+CVE-2017-3144 [dhcp: omapi code doesn't free socket descriptors when empty 
message is received allowing denial-of-service]
        RESERVED
+       - isc-dhcp <unfixed>
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1522918
+       NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=1a6b62fe17a42b00fa234d06b6dfde3d03451894
 CVE-2017-3143 [An error in TSIG authentication can permit unauthorized dynamic 
updates]
        RESERVED
        {DSA-3904-1 DLA-1025-1}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6e42cd16f5636613aa1e1a0fda3185de0e8ab53b...d3bc85a9dccb6327aa4dcbfecb26c31cb4805b01

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6e42cd16f5636613aa1e1a0fda3185de0e8ab53b...d3bc85a9dccb6327aa4dcbfecb26c31cb4805b01
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to