[Secure-testing-commits] r40453 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 18 18:44:09 UTC 2016
Author: carnil
Date: 2016-03-18 18:44:09 +0000 (Fri, 18 Mar 2016)
New Revision: 40453
Modified:
data/CVE/list
Log:
Update CVE-2016-1503/dhcpcd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-18 18:13:03 UTC (rev 40452)
+++ data/CVE/list 2016-03-18 18:44:09 UTC (rev 40453)
@@ -5776,12 +5776,10 @@
CVE-2016-1503 [heap overflow via malformed dhcp responses in print_option (via dhcp_envoption1) due to incorrect option length values]
RESERVED
- dhcpcd5 <unfixed> (bug #810621)
- - dhcpcd <removed>
- [squeeze] - dhcpcd <not-affected> (Vulnerable code not present)
+ - dhcpcd <not-affected> (Vulnerable code not present)
NOTE: http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9def1300d7ba990679571fa30
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/3
NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions.
- TODO: check affected versions
CVE-2016-1504 [invalid read/crash via malformed dhcp responses]
RESERVED
- dhcpcd5 <unfixed> (bug #810620)
More information about the Secure-testing-commits
mailing list