[Secure-testing-commits] r40777 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Apr 5 19:18:19 UTC 2016
Author: carnil
Date: 2016-04-05 19:18:19 +0000 (Tue, 05 Apr 2016)
New Revision: 40777
Modified:
data/CVE/list
Log:
Two dhcpcd5 issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-05 19:15:45 UTC (rev 40776)
+++ data/CVE/list 2016-04-05 19:18:19 UTC (rev 40777)
@@ -7113,14 +7113,14 @@
NOTE: Introduced in 1.4.36: http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2976
CVE-2016-1503 [heap overflow via malformed dhcp responses in print_option (via dhcp_envoption1) due to incorrect option length values]
RESERVED
- - dhcpcd5 <unfixed> (bug #810621)
+ - dhcpcd5 6.10.1-1 (bug #810621)
- dhcpcd <not-affected> (Vulnerable code not present)
NOTE: http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9def1300d7ba990679571fa30
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/3
NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions.
CVE-2016-1504 [invalid read/crash via malformed dhcp responses]
RESERVED
- - dhcpcd5 <unfixed> (bug #810620)
+ - dhcpcd5 6.10.1-1 (bug #810620)
- dhcpcd <not-affected> (Vulnerable code not present)
[squeeze] - dhcpcd <not-affected> (Vulnerable code not present)
NOTE: http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d8fabf33059aa4689cca17403
More information about the Secure-testing-commits
mailing list