[Secure-testing-commits] r50572 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Apr 11 12:26:56 UTC 2017


Author: carnil
Date: 2017-04-11 12:26:55 +0000 (Tue, 11 Apr 2017)
New Revision: 50572

Modified:
   data/CVE/list
Log:
Add notes for two bogus linux reports/CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-11 07:42:46 UTC (rev 50571)
+++ data/CVE/list	2017-04-11 12:26:55 UTC (rev 50572)
@@ -840,7 +840,8 @@
 CVE-2017-7319 (A vulnerability in the Linux kernel package 3.16.0-28 on Ubuntu 14.04 ...)
 	- linux <undetermined>
 	NOTE: https://packetstormsecurity.com/files/142008/Linux-Kernel-Ubuntu-14.04-LTS-SIGIO-Signal.html
-	TODO: check
+	NOTE: Bogus report, cf. as well https://bugzilla.novell.com/show_bug.cgi?id=1033438
+	NOTE: should possibly be REJECTed.
 CVE-2017-7318 (Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command ...)
 	NOT-FOR-US: Siklu EtherHaul
 CVE-2017-7317
@@ -947,7 +948,8 @@
 CVE-2017-7286 (The Linux kernel package 3.16.0-28 on Ubuntu 14.04 LTS mishandles a ...)
 	- linux <undetermined>
 	NOTE: https://packetstormsecurity.com/files/141930/Linux-3.16.0-28-Integer-Overflow.html
-	TODO: check
+	NOTE: Bogus report, cf as well https://bugzilla.novell.com/show_bug.cgi?id=1033458
+	NOTE: and should possibly be REJECTed
 CVE-2016-10303
 	RESERVED
 CVE-2016-10302




More information about the Secure-testing-commits mailing list