[Git][security-tracker-team/security-tracker][master] Clarifiy notes on followup fixes

Salvatore Bonaccorso carnil at debian.org
Fri Jul 26 22:13:53 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f3d8fbc7 by Salvatore Bonaccorso at 2019-07-26T21:12:50Z
Clarifiy notes on followup fixes

There is not really an issue with the CVE-2018-1000156, but make clear
what the functional regression is about and reference the reported
Debian bug in the BTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -196371,10 +196371,10 @@ CVE-2018-1000156 (GNU Patch version 2.7.6 contains an input validation vulnerabi
 	NOTE: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=123eaff0d5d1aebe128295959435b9ca5909c26d
 	NOTE: Respective patch in FreeBSD: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:18.bsdpatch.asc
 	NOTE: Respective patch in OpenBSD: https://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/013_patch.patch.sig
-	NOTE: Regression with only the initial commit:
+	NOTE: (Functional) regression/issue introduced with only the initial commit:
 	NOTE: https://savannah.gnu.org/bugs/?53820
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1092500
-	NOTE: Followup fixes:
+	NOTE: Followup fixes needed to address https://bugs.debian.org/933140
 	NOTE: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=19599883ffb6a450d2884f081f8ecf68edbed7ee
 	NOTE: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=369dcccdfa6336e5a873d6d63705cfbe04c55727
 CVE-2015-1417 (The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3d8fbc731f7bfed99485ca35cebd79964eb73a0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f3d8fbc731f7bfed99485ca35cebd79964eb73a0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190726/b414da49/attachment.html>


More information about the debian-security-tracker-commits mailing list