[Secure-testing-commits] r53580 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-07-17 19:30:26 +0000 (Mon, 17 Jul 2017)
New Revision: 53580

Modified:
   data/CVE/list
Log:
Add CVE-2017-10982

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-17 19:25:37 UTC (rev 53579)
+++ data/CVE/list	2017-07-17 19:30:26 UTC (rev 53580)
@@ -1175,8 +1175,14 @@
 	NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-206
 	NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/ec08b30f87066f82073d02fab57e8ffeef81373d
 	NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d
-CVE-2017-10982
+CVE-2017-10982 [DHCP - Read overflow in fr_dhcp_decode_options()]
 	RESERVED
+	- freeradius 3.0.12+dfsg-3
+	NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-205
+	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/10b6de9345c9e0d9d4d5e0426fa5c3d68d702875
+	NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
+	NOTE: This is not fully technically correct, the issue affects only the 2.x
+	NOTE: series but not 3.x.
 CVE-2017-10981
 	RESERVED
 CVE-2017-10980