[Git][security-tracker-team/security-tracker][master] CVEs assigned for dhcpcd5 issues
Salvatore Bonaccorso
carnil at debian.org
Sun Apr 28 18:26:17 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c5ebd52c by Salvatore Bonaccorso at 2019-04-28T17:25:42Z
CVEs assigned for dhcpcd5 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
-CVE-2019-XXXX [DHCPv6: Fix a potential buffer overflow reading NA/TA addresses]
+CVE-2019-11577 [DHCPv6: Fix a potential buffer overflow reading NA/TA addresses]
- dhcpcd5 <unfixed> (bug #928105)
[stretch] - dhcpcd5 <not-affected> (Vulnerable code not present)
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=8d11b33f6c60e2db257130fa383ba76b6018bcf6
-CVE-2019-XXXX [DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED]
+CVE-2019-11579 [DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED]
- dhcpcd5 <unfixed> (bug #928104)
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=4b67f6f1038fd4ad5ca7734eaaeba1b2ec4816b8
-CVE-2019-XXXX [auth: Use consttime_memequal to avoid latency attack]
+CVE-2019-11578 [auth: Use consttime_memequal to avoid latency attack]
- dhcpcd5 <unfixed> (bug #928056)
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=7121040790b611ca3fbc400a1bbcd4364ef57233
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c5ebd52c7852fcc8a9f7dacb1e7ac21ee97ecb72
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c5ebd52c7852fcc8a9f7dacb1e7ac21ee97ecb72
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190428/3b64137c/attachment.html>
More information about the debian-security-tracker-commits
mailing list