[Secure-testing-commits] r25960 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Mar 5 12:10:46 UTC 2014


Author: carnil
Date: 2014-03-05 12:10:46 +0000 (Wed, 05 Mar 2014)
New Revision: 25960

Modified:
   data/CVE/list
Log:
Add two net-snmp issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-05 07:05:30 UTC (rev 25959)
+++ data/CVE/list	2014-03-05 12:10:46 UTC (rev 25960)
@@ -1,3 +1,13 @@
+CVE-2014-XXXX [snmptrapd crash when using a trap with empty community string]
+	- net-snmp <undetermined>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1072044
+	TODO: verify, might only affect with older Perl releases
+CVE-2014-XXXX [denial of service flaw in Linux implementation of ICMP-MIB]
+	- net-snmp <unfixed>
+	[wheezy] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
+	[squeeze] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
+	NOTE: http://sourceforge.net/p/net-snmp/mailman/message/32026655/
+	NOTE: http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/
 CVE-2014-XXXX [buffer overflow]
 	- mp3gain <unfixed> (bug #740268)
 	TODO: check




More information about the Secure-testing-commits mailing list