[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] ntp fixed

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
39a6e582 by Moritz Muehlenhoff at 2018-03-26T10:48:03+02:00
ntp fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4838,19 +4838,19 @@ CVE-2018-7187 (The "go get" implementation in 
Go 1.9.4, when the -inse
        NOTE: https://github.com/golang/go/issues/23867
        NOTE: 
https://github.com/golang/go/commit/c941e27e70c3e06e1011d2dd71d72a7a06a9bcbc
 CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a 
remote ...)
-       - ntp <unfixed>
+       - ntp 1:4.2.8p11+dfsg-1
        - ntpsec <not-affected> (Issue not present)
        NOTE: http://www.kb.cert.org/vuls/id/961909
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3454
        NOTE: 
http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
 CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before 
updating ...)
-       - ntp <unfixed>
+       - ntp 1:4.2.8p11+dfsg-1
        - ntpsec <not-affected> (Issue not present)
        NOTE: http://www.kb.cert.org/vuls/id/961909
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3453
        NOTE: 
http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
 CVE-2018-7183 (Buffer overflow in the decodearr function in ntpq in ntp 
4.2.8p6 ...)
-       - ntp <unfixed> (low)
+       - ntp 1:4.2.8p11+dfsg-1 (low)
        [stretch] - ntp <no-dsa> (Minor issue)
        [jessie] - ntp <no-dsa> (Minor issue)
        [wheezy] - ntp <no-dsa> (Minor issue)
@@ -4859,7 +4859,7 @@ CVE-2018-7183 (Buffer overflow in the decodearr function 
in ntpq in ntp 4.2.8p6 
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3414
        NOTE: 
http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
 CVE-2018-7182 (The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 
allows ...)
-       - ntp <unfixed>
+       - ntp 1:4.2.8p11+dfsg-1
        - ntpsec 1.0.0+dfsg1-5
        NOTE: http://www.kb.cert.org/vuls/id/961909
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3412
@@ -4915,7 +4915,7 @@ CVE-2018-7172 (In index.php in WonderCMS before 2.4.1, 
remote attackers can dele
 CVE-2018-7171
        RESERVED
 CVE-2018-7170 (ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows 
...)
-       - ntp <unfixed>
+       - ntp 1:4.2.8p11+dfsg-1
        [stretch] - ntp <no-dsa> (Minor issue)
        [jessie] - ntp <no-dsa> (Minor issue)
        [wheezy] - ntp <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39a6e58202d8f5867f426cf3f8f2fc63263622eb

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39a6e58202d8f5867f426cf3f8f2fc63263622eb
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits