[Secure-testing-commits] r37309 - data/CVE
Ben Hutchings
benh at moszumanska.debian.org
Sun Oct 25 03:57:21 UTC 2015
Author: benh
Date: 2015-10-25 03:57:21 +0000 (Sun, 25 Oct 2015)
New Revision: 37309
Modified:
data/CVE/list
Log:
Fix list of commits for some ntp issues and add <not-affected> as appropriate
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-25 00:54:47 UTC (rev 37308)
+++ data/CVE/list 2015-10-25 03:57:21 UTC (rev 37309)
@@ -184,8 +184,6 @@
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/aa44b5835d69d8ee031736bb8ee2730a514edb7d
- NOTE: https://github.com/ntp-project/ntp/commit/f92b3b986bbb3419b8cd1b9b5a40ecf3c955d885
- NOTE: https://github.com/ntp-project/ntp/commit/2fc399440d8a3b9f8056caf68b3ceb031be1ca6d
CVE-2015-7870
RESERVED
CVE-2015-7869
@@ -227,11 +225,17 @@
CVE-2015-7854
RESERVED
- ntp 1:4.2.8p4+dfsg-1
+ [jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
+ [wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
+ [squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
- NOTE: https://github.com/ntp-project/ntp/commit/e182a2334ae6a2ab77ba3aad662f6ec676e59106
+ NOTE: https://github.com/ntp-project/ntp/commit/1bb401576f412532d8cdcca5509b85ad29605913
CVE-2015-7853
RESERVED
- ntp 1:4.2.8p4+dfsg-1
+ [jessie] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
+ [wheezy] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
+ [squeeze] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/8482b536f9494a5d45196ab5b7e13040f5940261
CVE-2015-7852
@@ -242,6 +246,9 @@
CVE-2015-7851
RESERVED
- ntp 1:4.2.8p4+dfsg-1
+ [jessie] - ntp <no-dsa> (Vulnerability only affects VMS)
+ [wheezy] - ntp <no-dsa> (Vulnerability only affects VMS)
+ [squeeze] - ntp <no-dsa> (Vulnerability only affects VMS)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/184516e143ce4448ddb5b9876dd372008cc779f6
CVE-2015-7850
@@ -252,12 +259,17 @@
CVE-2015-7849
RESERVED
- ntp 1:4.2.8p4+dfsg-1
+ [jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
+ [wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
+ [squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/9c22e66c8f2be6aa0c846f0d9804db20f93c105d
- NOTE: https://github.com/ntp-project/ntp/commit/1bb401576f412532d8cdcca5509b85ad29605913
CVE-2015-7848
RESERVED
- ntp 1:4.2.8p4+dfsg-1
+ [jessie] - ntp <not-affected> (Bug introduced in 4.2.7p131)
+ [wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p131)
+ [squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p131)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/c04c3d3d940dfe1a53132925c4f51aef017d2e0f
CVE-2015-7847
@@ -668,7 +680,6 @@
RESERVED
- ntp 1:4.2.8p4+dfsg-3
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
- NOTE: Partially fixed upstream together with CVE-2015-7705
NOTE: Original ntp fix applied in 1:4.2.8p4+dfsg-1for CVE-2015-7704 is apparently broken
NOTE: http://lists.ntp.org/pipermail/pool/2015-October/007631.html
CVE-2015-7703
More information about the Secure-testing-commits
mailing list