[Secure-testing-commits] r37005 - in data: CVE DLA DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Oct 6 04:51:50 UTC 2015 

Author: carnil
Date: 2015-10-06 04:51:50 +0000 (Tue, 06 Oct 2015)
New Revision: 37005

Modified:
   data/CVE/list
   data/DLA/list
   data/DSA/list
Log:
Replace CVEs for ntp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-10-06 04:42:35 UTC (rev 37004)
+++ data/CVE/list	2015-10-06 04:51:50 UTC (rev 37005)
@@ -59,11 +59,13 @@
 CVE-2015-7672
 	RESERVED
 CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...)
-	- ntp <unfixed>
-	TODO: check, same as CVE-2014-9298?
+	{DSA-3154-1 DLA-149-1}
+	- ntp 1:4.2.6.p5+dfsg-4
+	NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)
 CVE-2014-9750 (ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey ...)
-	- ntp <unfixed>
-	TODO: check, same as CVE-2014-9297?
+	{DSA-3154-2 DSA-3154-1 DLA-149-1}
+	- ntp 1:4.2.6.p5+dfsg-5
+	NOTE: http://bugs.ntp.org/show_bug.cgi?id=2671
 CVE-2014-9749
 	RESERVED
 CVE-2014-9748
@@ -21816,14 +21818,8 @@
 	NOTE: http://tracker.firebirdsql.org/browse/CORE-4630
 CVE-2014-9298
 	REJECTED
-	{DSA-3154-1 DLA-149-1}
-	- ntp 1:4.2.6.p5+dfsg-4
-	NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)
 CVE-2014-9297
 	REJECTED
-	{DSA-3154-2 DSA-3154-1 DLA-149-1}
-	- ntp 1:4.2.6.p5+dfsg-5
-	NOTE: http://bugs.ntp.org/show_bug.cgi?id=2671
 CVE-2014-9296 (The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 ...)
 	{DSA-3108-1 DLA-116-1}
 	- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2015-10-06 04:42:35 UTC (rev 37004)
+++ data/DLA/list	2015-10-06 04:51:50 UTC (rev 37005)
@@ -537,7 +537,7 @@
 	{CVE-2014-8139 CVE-2014-9636}
 	[squeeze] - unzip 6.0-4+deb6u2
 [07 Feb 2015] DLA-149-1 ntp - security update
-	{CVE-2014-9297 CVE-2014-9298}
+	{CVE-2014-9750 CVE-2014-9751}
 	[squeeze] - ntp 1:4.2.6.p2+dfsg-1+deb6u2
 [07 Feb 2015] DLA-148-1 sympa - security update
 	{CVE-2015-1306}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-10-06 04:42:35 UTC (rev 37004)
+++ data/DSA/list	2015-10-06 04:51:50 UTC (rev 37005)
@@ -738,7 +738,7 @@
 	[wheezy] - vlc 2.0.3-5+deb7u2
 	[wheezy] - mplayer 2:1.0~rc4.dfsg1+svn34540-1+deb7u1
 [07 Feb 2015] DSA-3154-2 ntp - incomplete fix
-	{CVE-2014-9297}
+	{CVE-2014-9750}
 	[wheezy] - ntp 1:4.2.6.p5+dfsg-2+deb7u3
 [06 Feb 2015] DSA-2978-2 libxml2 - security update
 	{CVE-2014-0191 CVE-2014-3660}
@@ -747,7 +747,7 @@
 	{CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244}
 	[wheezy] - postgresql-9.1 9.1.15-0+deb7u1
 [05 Feb 2015] DSA-3154-1 ntp - security update
-	{CVE-2014-9297 CVE-2014-9298}
+	{CVE-2014-9750 CVE-2014-9751}
 	[wheezy] - ntp 1:4.2.6.p5+dfsg-2+deb7u2
 [03 Feb 2015] DSA-3153-1 krb5 - security update
 	{CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423}

More information about the Secure-testing-commits mailing list