[Secure-testing-commits] r54808 - data/CVE

Thu Aug 17 12:04:23 UTC 2017

Author: carnil
Date: 2017-08-17 12:04:23 +0000 (Thu, 17 Aug 2017)
New Revision: 54808

Modified:
   data/CVE/list
Log:
Add fedora patch reference for CVE-2017-10140/db

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-17 09:13:34 UTC (rev 54807)
+++ data/CVE/list	2017-08-17 12:04:23 UTC (rev 54808)
@@ -8090,6 +8090,8 @@
 	- db4.0 <removed>
 	- db <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/12/1
+	NOTE: Patch as used in Fedora: https://src.fedoraproject.org/rpms/libdb/raw/8047fa8580659fcae740c25e91b490539b8453eb/f/db-5.3.28-cwd-db_config.patch
+	NOTE: and is acknowledged by libdb upstream, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1464032#c9
 CVE-2017-10139
 	RESERVED
 CVE-2017-10138


