[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Correct references to commits for isc-dhcp

Salvatore Bonaccorso carnil at debian.org
Sat Mar 3 13:41:32 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4a8548a by Salvatore Bonaccorso at 2018-03-03T14:40:27+01:00
Correct references to commits for isc-dhcp

While triaging I swapped the two commits, and wrongly associated the one
for CVE-2018-5732 with CVE-2018-5733 and viceversa.

Reference the (yet) non-public bug reports.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5566,13 +5566,15 @@ CVE-2018-5733 [A malicious client can overflow a reference counter in ISC dhcpd]
 	RESERVED
 	- isc-dhcp <unfixed> (bug #891785)
 	NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
-	NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1)
+	NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47140
+	NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8 (4.4.1)
 	NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
 CVE-2018-5732 [A specially constructed response from a malicious server can cause a buffer overflow in dhclient]
 	RESERVED
 	- isc-dhcp <unfixed> (bug #891786)
 	NOTE: https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
-	NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=197b26f25309f947b97a83b8fdfc414b767798f8 (4.4.1)
+	NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139
+	NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1)
 	NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
 CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in ...)
 	- curl 7.58.0-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4a8548afc2e821a79e68cb21177d5fa5b42cd2d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180303/2f965f52/attachment.html>

More information about the Secure-testing-commits mailing list