Author: carnil
Date: 2016-03-18 18:44:09 +0000 (Fri, 18 Mar 2016)
New Revision: 40453
Modified:
data/CVE/list
Log:
Update CVE-2016-1503/dhcpcd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-18 18:13:03 UTC (rev 40452)
+++ data/CVE/list 2016-03-18 18:44:09 UTC (rev 40453)
@@ -5776,12 +5776,10 @@
CVE-2016-1503 [heap overflow via malformed dhcp responses in print_option (via
dhcp_envoption1) due to incorrect option length values]
RESERVED
- dhcpcd5 <unfixed> (bug #810621)
- - dhcpcd <removed>
- [squeeze] - dhcpcd <not-affected> (Vulnerable code not present)
+ - dhcpcd <not-affected> (Vulnerable code not present)
NOTE:
http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9def1300d7ba990679571fa30
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/01/07/3
NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from
dhcpcd5 in later Debian versions.
- TODO: check affected versions
CVE-2016-1504 [invalid read/crash via malformed dhcp responses]
RESERVED
- dhcpcd5 <unfixed> (bug #810620)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
