[Secure-testing-commits] r41276 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Apr 29 10:31:54 UTC 2016 

Author: carnil
Date: 2016-04-29 10:31:54 +0000 (Fri, 29 Apr 2016)
New Revision: 41276

Modified:
   data/CVE/list
Log:
First round of ntp fixes added, need to check the ones from january

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-29 10:20:09 UTC (rev 41275)
+++ data/CVE/list	2016-04-29 10:31:54 UTC (rev 41276)
@@ -5016,23 +5016,23 @@
 	RESERVED
 CVE-2016-2519
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-2518
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-2517
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: CVE-2016-2517 is for a regression caused by the patch for CVE-2016-2516
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-2516
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-2514
@@ -8374,27 +8374,27 @@
 	NOTE: https://github.com/facebook/hhvm/commit/f21dccdde582c61d5a9b52dd821bcb1f08169d28
 CVE-2016-1551
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-1550
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-1549
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-1548
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-1547
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
 	TODO: check
 CVE-2016-1546
@@ -14160,7 +14160,7 @@
 	RESERVED
 CVE-2015-8158 [Potential Infinite Loop in ntpq]
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug2948
 	TODO: check
@@ -14212,7 +14212,7 @@
 	NOTE: Mitigated in 4.2.8p6
 CVE-2015-8138 [ntp: missing check for zero originate timestamp]
 	RESERVED
-	- ntp <unfixed>
+	- ntp 1:4.2.8p7+dfsg-1
 	NOTE: http://www.talosintel.com/reports/TALOS-2016-0077/
 	NOTE: https://github.com/ntp-project/ntp/commit/880191b72409a1965712999d248d70e6f7163af8
 	NOTE: The upstream fix for this issue is reported to be incomplete:

More information about the Secure-testing-commits mailing list