[Secure-testing-commits] r54537 - data/CVE
Sebastien Delafond
seb at moszumanska.debian.org
Thu Aug 10 14:47:26 UTC 2017
Author: seb
Date: 2017-08-10 14:47:26 +0000 (Thu, 10 Aug 2017)
New Revision: 54537
Modified:
data/CVE/list
Log:
Manually record freeradius versions fixing recent CVE entries via DSA-3930-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-10 14:45:21 UTC (rev 54536)
+++ data/CVE/list 2017-08-10 14:47:26 UTC (rev 54537)
@@ -4643,24 +4643,28 @@
REJECTED
CVE-2017-10987 (An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
+ [stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-304
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/19a18bf7c8af649c9e9742fb6a046f6aff639866
CVE-2017-10986 (An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
+ [stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-303
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/21e2e95751bfb54c0fb0328392d06671a75c191c
CVE-2017-10985 (An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
+ [stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-302
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/6726c16549b131ed39f6f8886cdf5d9d922a9a97
CVE-2017-10984 (An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
+ [stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-301
@@ -4673,6 +4677,7 @@
NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d
CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...)
- freeradius 3.0.12+dfsg-3
+ [jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-205
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/10b6de9345c9e0d9d4d5e0426fa5c3d68d702875
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
@@ -4680,6 +4685,7 @@
NOTE: series but not 3.x.
CVE-2017-10981 (An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...)
- freeradius 3.0.12+dfsg-3
+ [jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-204
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/812766e2150faa07b4c574e51393b014feaffe6c
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
@@ -4687,6 +4693,7 @@
NOTE: series but not 3.x.
CVE-2017-10980 (An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...)
- freeradius 3.0.12+dfsg-3
+ [jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-203
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ef0727fc68e211a36637b5c4e4a6fa1326f0a029
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
@@ -4694,6 +4701,7 @@
NOTE: series but not 3.x.
CVE-2017-10979 (An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write ...)
- freeradius 3.0.12+dfsg-3
+ [jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-202
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ae3ba0011e7d299e92c45300e0137a56a650e8f5
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
More information about the Secure-testing-commits
mailing list