[Git][security-tracker-team/security-tracker][master] 389 triage
Moritz Muehlenhoff
jmm at debian.org
Sun Jul 15 21:41:26 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2de0a2da by Moritz Muehlenhoff at 2018-07-15T22:35:45+02:00
389 triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44481,6 +44481,7 @@ CVE-2017-15136 (When registering and activating a new system with Red Hat Satell
NOT-FOR-US: Red Hat Satellite 6
CVE-2017-15135 (It was found that 389-ds-base since 1.3.6.1 up to and including ...)
- 389-ds-base 1.3.7.9-1 (bug #888451)
+ [stretch] - 389-ds-base <not-affected> (Affected code was never backported)
[jessie] - 389-ds-base <not-affected> (vulnerable code (patch for CVE-2016-5405) not applied)
CVE-2017-15134 (A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...)
{DLA-1428-1}
@@ -102588,6 +102589,7 @@ CVE-2016-5406 (The domain controller in Red Hat JBoss Enterprise Application Pla
NOT-FOR-US: JBoss EAP
CVE-2016-5405 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
- 389-ds-base 1.3.5.15-1 (bug #842121)
+ [stretch] - 389-ds-base <ignored> (Minor issue, only affects inherently insecure setups)
[jessie] - 389-ds-base <no-dsa> (minor issue)
NOTE: This affects systems storing passwords in plain text.
NOTE: Systems using unsalted hashes might be unsafe as well if using weak
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2de0a2da368d6fda86cabe1d85628b410417a38f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2de0a2da368d6fda86cabe1d85628b410417a38f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180715/89acde2c/attachment.html>
More information about the debian-security-tracker-commits
mailing list