[Secure-testing-commits] r55074 - data/CVE

[Markus Koschany]

Author: apo
Date: 2017-08-25 15:49:08 +0000 (Fri, 25 Aug 2017)
New Revision: 55074

Modified:
   data/CVE/list
Log:
CVE-2017-10982,freeradius: Wheezy is not affected

The function fr_dhcp_decode_options does not exist in this version.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-25 15:19:31 UTC (rev 55073)
+++ data/CVE/list	2017-08-25 15:49:08 UTC (rev 55074)
@@ -7367,6 +7367,7 @@
 CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...)
 	- freeradius 3.0.12+dfsg-3
 	[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
+	[wheezy] - freeradius <not-affected> (vulnerable code not present)
 	NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-205
 	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/10b6de9345c9e0d9d4d5e0426fa5c3d68d702875
 	NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable