[Secure-testing-commits] r46451 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 22 15:12:32 UTC 2016
Author: carnil
Date: 2016-11-22 15:12:32 +0000 (Tue, 22 Nov 2016)
New Revision: 46451
Modified:
data/CVE/list
Log:
Clarify CVE-2016-7433 affected version, but underlying bug exists in all ntp-4 versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-22 15:05:13 UTC (rev 46450)
+++ data/CVE/list 2016-11-22 15:12:32 UTC (rev 46451)
@@ -6371,8 +6371,12 @@
CVE-2016-7433
RESERVED
- ntp 1:4.2.8p9+dfsg-1
- [wheezy] - ntp <no-dsa> (Minor problem)
+ [jessie] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
+ [wheezy] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3067
+ NOTE: Although the CVE is only for the issue introduced by the fix for
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2085, he root-distance calculation
+ NOTE: itself in general is incorrect in all version of ntp-4 until ntp-4.2.8p9
CVE-2016-7432
RESERVED
CVE-2016-7431
More information about the Secure-testing-commits
mailing list