[Secure-testing-commits] r37307 - data/CVE
Ben Hutchings
benh at moszumanska.debian.org
Sun Oct 25 00:30:37 UTC 2015
Author: benh
Date: 2015-10-25 00:30:37 +0000 (Sun, 25 Oct 2015)
New Revision: 37307
Modified:
data/CVE/list
Log:
Add upstream git commits and cross-references for recent ntp issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-24 22:56:46 UTC (rev 37306)
+++ data/CVE/list 2015-10-25 00:30:37 UTC (rev 37307)
@@ -183,6 +183,9 @@
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/aa44b5835d69d8ee031736bb8ee2730a514edb7d
+ NOTE: https://github.com/ntp-project/ntp/commit/f92b3b986bbb3419b8cd1b9b5a40ecf3c955d885
+ NOTE: https://github.com/ntp-project/ntp/commit/2fc399440d8a3b9f8056caf68b3ceb031be1ca6d
CVE-2015-7870
RESERVED
CVE-2015-7869
@@ -220,34 +223,43 @@
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/ba716a464ecb20618560075f2e4e1051e5b6f24f
CVE-2015-7854
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/e182a2334ae6a2ab77ba3aad662f6ec676e59106
CVE-2015-7853
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/8482b536f9494a5d45196ab5b7e13040f5940261
CVE-2015-7852
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/07a5b8141e354a998a52994c3c9cd547927e56ce
CVE-2015-7851
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/184516e143ce4448ddb5b9876dd372008cc779f6
CVE-2015-7850
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/bb928ef08eec020ef6008f3a140702ccc0536b8e
CVE-2015-7849
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/9c22e66c8f2be6aa0c846f0d9804db20f93c105d
+ NOTE: https://github.com/ntp-project/ntp/commit/1bb401576f412532d8cdcca5509b85ad29605913
CVE-2015-7848
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/c04c3d3d940dfe1a53132925c4f51aef017d2e0f
CVE-2015-7847
RESERVED
CVE-2015-7846
@@ -650,24 +662,34 @@
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/21d57dc336dbe9a975baca5ce5ae4da5b71ff123
+ NOTE: https://github.com/ntp-project/ntp/commit/492758c3d0690d3ccf7130fabfcf670997f12f7b
CVE-2015-7704
RESERVED
- ntp 1:4.2.8p4+dfsg-3
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: Partially fixed upstream together with CVE-2015-7705
NOTE: Original ntp fix applied in 1:4.2.8p4+dfsg-1for CVE-2015-7704 is apparently broken
NOTE: http://lists.ntp.org/pipermail/pool/2015-October/007631.html
CVE-2015-7703
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/5dea6ff160c7e8f7cb038619ccccd28c3a8df637
+ NOTE: https://github.com/ntp-project/ntp/commit/cdae0f1369ade98dc7ae912a0f1953b6e533cb88
CVE-2015-7702
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/348fc9fa390c7894f589104fbca4d635868b7a45
+ NOTE: https://github.com/ntp-project/ntp/commit/158d5aa33f5ce3c10f99cdef364ce8e2cb05c4c5
+ NOTE: https://github.com/ntp-project/ntp/commit/5e08c9af76a5e4214bc8369ddf01ee0e86747b3a
CVE-2015-7701
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: https://github.com/ntp-project/ntp/commit/d7cd5e186034340402f1393e0813c7d2b14ea6ca
+ NOTE: https://github.com/ntp-project/ntp/commit/79604d925e4477247eee202155215e7865293809
CVE-2015-7700
RESERVED
CVE-2015-7697 [Infinite loop when extracting password-protected archive]
@@ -692,10 +714,12 @@
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: Fixed upstream together with CVE-2015-7702
CVE-2015-7691
RESERVED
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
+ NOTE: Fixed upstream together with CVE-2015-7702
CVE-2015-7690
RESERVED
CVE-2015-7689
@@ -6932,6 +6956,7 @@
REJECTED
CVE-2015-5196
RESERVED
+ NOTE: Appears to be the same as CVE-2015-7703
CVE-2015-5195 [ntpd crash when processing config commands with statistics type]
RESERVED
- ntp 1:4.2.8p3+dfsg-1 (low)
More information about the Secure-testing-commits
mailing list