[Secure-testing-commits] r55100 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Aug 26 09:08:04 UTC 2017


Author: carnil
Date: 2017-08-26 09:08:04 +0000 (Sat, 26 Aug 2017)
New Revision: 55100

Modified:
   data/CVE/list
Log:
Correct state for CVE-2017-7562/krb5, the certauth aku module support was added later

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-26 07:03:10 UTC (rev 55099)
+++ data/CVE/list	2017-08-26 09:08:04 UTC (rev 55100)
@@ -17224,7 +17224,7 @@
 	NOTE: https://github.com/libming/libming/issues/68
 CVE-2017-7562 [Make certauth eku module restrictive-only]
 	RESERVED
-	- krb5 <unfixed> (bug #873281)
+	- krb5 <not-affected> (Vulnerable code introduced later, cf. #873281)
 	NOTE: https://github.com/krb5/krb5/pull/694
 	NOTE: https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
 	NOTE: https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196




More information about the Secure-testing-commits mailing list