Author: hertzog
Date: 2017-05-12 10:06:35 +0000 (Fri, 12 May 2017)
New Revision: 51573
Modified:
data/CVE/list
Log:
Mark CVE-2016-9042 as not-affecting wheezy either
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-12 09:24:20 UTC (rev 51572)
+++ data/CVE/list 2017-05-12 10:06:35 UTC (rev 51573)
@@ -25667,10 +25667,11 @@
RESERVED
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Doesn't use the affected upstream patch)
+ [wheezy] - ntp <not-affected> (Doesn't use the affected upstream patch)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0260/
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3361
NOTE: This vulnerability affects the upstream fix for CVE-2015-8138,
but Debian
- NOTE: jessie (and probably also wheezy) use a less invasive patch by
Miroslav Lichvar
+ NOTE: jessie and wheezy use a less invasive patch by Miroslav Lichvar
NOTE: of Red Hat, as available here:
NOTE:
http://pkgs.fedoraproject.org/cgit/rpms/ntp.git/tree/ntp-4.2.6p5-cve-2015-8138.patch?h=f24
CVE-2016-9041
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
