[Secure-testing-commits] r51573 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Fri May 12 10:06:36 UTC 2017
Author: hertzog
Date: 2017-05-12 10:06:35 +0000 (Fri, 12 May 2017)
New Revision: 51573
Modified:
data/CVE/list
Log:
Mark CVE-2016-9042 as not-affecting wheezy either
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-12 09:24:20 UTC (rev 51572)
+++ data/CVE/list 2017-05-12 10:06:35 UTC (rev 51573)
@@ -25667,10 +25667,11 @@
RESERVED
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Doesn't use the affected upstream patch)
+ [wheezy] - ntp <not-affected> (Doesn't use the affected upstream patch)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0260/
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3361
NOTE: This vulnerability affects the upstream fix for CVE-2015-8138, but Debian
- NOTE: jessie (and probably also wheezy) use a less invasive patch by Miroslav Lichvar
+ NOTE: jessie and wheezy use a less invasive patch by Miroslav Lichvar
NOTE: of Red Hat, as available here:
NOTE: http://pkgs.fedoraproject.org/cgit/rpms/ntp.git/tree/ntp-4.2.6p5-cve-2015-8138.patch?h=f24
CVE-2016-9041
More information about the Secure-testing-commits
mailing list