[Secure-testing-commits] r38792 - data/CVE

Sat Jan 9 09:53:10 UTC 2016

Author: carnil
Date: 2016-01-09 09:53:06 +0000 (Sat, 09 Jan 2016)
New Revision: 38792

Modified:
   data/CVE/list
Log:
Update CVE-2015-876{2,3,4}/freeradius

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-01-09 09:51:15 UTC (rev 38791)
+++ data/CVE/list	2016-01-09 09:53:06 UTC (rev 38792)
@@ -605,13 +605,13 @@
 	RESERVED
 	- radicale <not-affected> (Only an issue on MS Windows)
 CVE-2015-8764 [one byte buffer overrun]
-	- freeradius <unfixed>
+	- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
 	NOTE: http://freeradius.org/security.html#eap-pwd-2015
 CVE-2015-8763 [commit/confirm message payload length is not validated]
-	- freeradius <unfixed>
+	- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
 	NOTE: http://freeradius.org/security.html#eap-pwd-2015
 CVE-2015-8762 [The EAP-PWD packet length is not checked before the first byte is dereferenced]
-	- freeradius <unfixed>
+	- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
 	NOTE: http://freeradius.org/security.html#eap-pwd-2015
 CVE-2015-8751
 	RESERVED


