[Secure-testing-commits] r56434 - data/CVE

[Ben Hutchings]

Author: benh
Date: 2017-10-05 16:28:22 +0000 (Thu, 05 Oct 2017)
New Revision: 56434

Modified:
   data/CVE/list
Log:
Update status of recent dnsmasq CVEs in wheezy and jessie

Two don't apply to wheezy.  One was wrongly marked as not affecting jessie.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-05 14:59:39 UTC (rev 56433)
+++ data/CVE/list	2017-10-05 16:28:22 UTC (rev 56434)
@@ -1505,13 +1505,13 @@
 CVE-2017-14496 (Integer underflow in the add_pseudoheader function in dnsmasq before ...)
 	- dnsmasq 2.78-1
 	[stretch] - dnsmasq 2.76-5+deb9u1
-	[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
 	NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
 CVE-2017-14495 (Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id ...)
 	- dnsmasq 2.78-1
 	[stretch] - dnsmasq 2.76-5+deb9u1
 	[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
+	[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
 	NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45
 CVE-2017-14494 (dnsmasq before 2.78, when configured as a relay, allows remote ...)
@@ -1522,6 +1522,7 @@
 CVE-2017-14493 (Stack-based buffer overflow in dnsmasq before 2.78 allows remote ...)
 	{DSA-3989-1}
 	- dnsmasq 2.78-1
+	[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
 	NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033
 CVE-2017-14492 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote ...)