[Secure-testing-commits] r53583 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 17 19:33:06 UTC 2017
Author: carnil
Date: 2017-07-17 19:33:06 +0000 (Mon, 17 Jul 2017)
New Revision: 53583
Modified:
data/CVE/list
Log:
Add CVE-2017-10979
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-17 19:30:47 UTC (rev 53582)
+++ data/CVE/list 2017-07-17 19:33:06 UTC (rev 53583)
@@ -1199,8 +1199,14 @@
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10979
+CVE-2017-10979 [Write overflow in rad_coalesce]
RESERVED
+ - freeradius 3.0.12+dfsg-3
+ NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-202
+ NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ae3ba0011e7d299e92c45300e0137a56a650e8f5
+ NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
+ NOTE: This is not fully technically correct, the issue affects only the 2.x
+ NOTE: series but not 3.x.
CVE-2017-10978
RESERVED
CVE-2017-1000082 (systemd v233 and earlier fails to safely parse usernames starting with ...)
More information about the Secure-testing-commits
mailing list