Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c203623 by Salvatore Bonaccorso at 2018-04-29T20:13:26+02:00
Update note for CVE-2018-5710 after clarification with Benjamin Kaduk
Thanks: Benjamin Kaduk for the clarifications on CVE-2018-5709 and
CVE-2018-5710.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -13085,6 +13085,10 @@ CVE-2018-5710 (An issue was discovered in MIT Kerberos
5 (aka krb5) through 1.16
- krb5 <unfixed> (bug #889685)
[wheezy] - krb5 <not-affected> (all strlen() parameters are checked for
NULL)
NOTE:
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)
+ NOTE: The CVE is a duplicate of the #891869 issue(s) due to reporter not
+ NOTE: having coordinated with upstream and the CVE assignment ist sill
for
+ NOTE: slight different coverage. Thus keep it distinct (for now) and
mark
+ NOTE: CVE-2018-5710 issue as well as fixed once #891869 is adressed.
CVE-2018-5709 (An issue was discovered in MIT Kerberos 5 (aka krb5) through
1.16. ...)
- krb5 <unfixed> (unimportant; bug #889684)
[wheezy] - krb5 <no-dsa> (Minor issue, according to Red Hat this is not
a bug)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c20362363b421cba8d874671f1ee0d186b0d374
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c20362363b421cba8d874671f1ee0d186b0d374
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
