On Thu, Jul 27, 2017 at 10:35:36AM -0700, Noah Meyerhans wrote:
> On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote:
> >
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
>
> Hi Moritz. I assume your intent was not to issue a DSA for this since
>
On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote:
>
> Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
Hi Moritz. I assume your intent was not to issue a DSA for this since
it's been a known issue for nearly a year. Under that assumption I've
gone
On Wed, Jul 19, 2017 at 10:29:41AM -0400, Antoine Beaupre wrote:
> It sure looks like that patch is not correct. Jiri Bohac from Novell
> found that it introduced a regression that could lead to another DoS:
>
> https://bugzilla.novell.com/show_bug.cgi?id=1047443#c1
Updated debdiff is attached.
On Tue, Jul 18, 2017 at 01:53:09PM -0400, Noah Meyerhans wrote:
> Control: tags -1 + pending patch
>
> On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote:
> >
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
> >
>
> I believe that the attached
Control: tags -1 + pending patch
On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote:
>
> Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
>
I believe that the attached debdiff, derived from NetBSD's fix, should
address this problem. It should apply
Package: racoon
Severity: grave
Tags: security
Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
Cheers,
Moritz
6 matches
Mail list logo