[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixed versions for isc-dhcp issues

Sun, 04 Mar 2018 22:36:35 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5eca081c by Salvatore Bonaccorso at 2018-03-05T07:35:29+01:00
Record fixed versions for isc-dhcp issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5623,14 +5623,14 @@ CVE-2018-5734 [A malformed request can trigger an 
assertion failure in badcache.
        NOTE: https://kb.isc.org/article/AA-01562/74/CVE-2018-5734
 CVE-2018-5733 [A malicious client can overflow a reference counter in ISC 
dhcpd]
        RESERVED
-       - isc-dhcp <unfixed> (bug #891785)
+       - isc-dhcp 4.3.5-3.1 (bug #891785)
        NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
        NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47140
        NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8
 (4.4.1)
        NOTE: Fixes for 4.3.6p1: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
 CVE-2018-5732 [A specially constructed response from a malicious server can 
cause a buffer overflow in dhclient]
        RESERVED
-       - isc-dhcp <unfixed> (bug #891786)
+       - isc-dhcp 4.3.5-3.1 (bug #891786)
        NOTE: https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
        NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139
        NOTE: 
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d
 (4.4.1)
@@ -63642,7 +63642,7 @@ CVE-2017-3145 [Improper fetch cleanup sequencing in the 
resolver can cause named
        NOTE: Fixed by (9.10.6-P1): 
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=55baf7d7e25c0e6444cb7e415f14d9e0819b5508
 CVE-2017-3144 [dhcp: omapi code doesn't free socket descriptors when empty 
message is received allowing denial-of-service]
        RESERVED
-       - isc-dhcp <unfixed> (bug #887413)
+       - isc-dhcp 4.3.5-3.1 (bug #887413)
        [wheezy] - isc-dhcp <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1522918
        NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=46767



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5eca081c0373af7bb9852b2936dbefcceffde554

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5eca081c0373af7bb9852b2936dbefcceffde554
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to