[Secure-testing-commits] r51544 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-05-11 16:14:37 +0000 (Thu, 11 May 2017)
New Revision: 51544

Modified:
   data/CVE/list
Log:
Add information for openvpn issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-11 16:14:24 UTC (rev 51543)
+++ data/CVE/list	2017-05-11 16:14:37 UTC (rev 51544)
@@ -3738,12 +3738,18 @@
 	RESERVED
 CVE-2017-7480
 	RESERVED
-CVE-2017-7479
+CVE-2017-7479 [Drop packets instead of assert out if packet id rolls over]
 	RESERVED
 	- openvpn 2.4.0-5
-CVE-2017-7478
+	NOTE: https://github.com/OpenVPN/openvpn/commit/e498cb0ea8d3a451b39eaf6f9b6a7488f18250b8 (master)
+	NOTE: https://github.com/OpenVPN/openvpn/commit/591a4e574c43cb9e820950f15dcaabda261def78 (2.4.x)
+	NOTE: https://github.com/OpenVPN/openvpn/commit/b727643cdf4e078f132a90e1c474a879a5760578 (2.3.x)
+CVE-2017-7478 [Don't assert out on receiving too-large control packets]
 	RESERVED
 	- openvpn 2.4.0-5
+	NOTE: https://github.com/OpenVPN/openvpn/commit/5774cf4c25e1d8bf4e544702db8f157f111c9d93 (master)
+	NOTE: https://github.com/OpenVPN/openvpn/commit/66b99a0753352c5cc43e11e39835b6423112df98 (2.4.x)
+	NOTE: https://github.com/OpenVPN/openvpn/commit/feb35ee5cac605edddd6e9dc62941e2c53f96fb3 (2.3.x)
 CVE-2017-7477 (Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module ...)
 	- linux 4.9.25-1
 	[jessie] - linux <not-affected> (Introduced in 4.6)