[Git][security-tracker-team/security-tracker][master] Update note for CVE-2018-5710 after clarification with Benjamin Kaduk

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6c203623 by Salvatore Bonaccorso at 2018-04-29T20:13:26+02:00
Update note for CVE-2018-5710 after clarification with Benjamin Kaduk

Thanks: Benjamin Kaduk for the clarifications on CVE-2018-5709 and
CVE-2018-5710.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -13085,6 +13085,10 @@ CVE-2018-5710 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16
 	- krb5 <unfixed> (bug #889685)
 	[wheezy] - krb5 <not-affected> (all strlen() parameters are checked for NULL)
 	NOTE: https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)
+	NOTE: The CVE is a duplicate of the #891869 issue(s) due to reporter not
+	NOTE: having coordinated with upstream and the CVE assignment ist sill for
+	NOTE: slight different coverage. Thus keep it distinct (for now) and mark
+	NOTE: CVE-2018-5710 issue as well as fixed once #891869 is adressed.
 CVE-2018-5709 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. ...)
 	- krb5 <unfixed> (unimportant; bug #889684)
 	[wheezy] - krb5 <no-dsa> (Minor issue, according to Red Hat this is not a bug)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c20362363b421cba8d874671f1ee0d186b0d374

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6c20362363b421cba8d874671f1ee0d186b0d374
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180429/db722bad/attachment-0001.html>