[Git][security-tracker-team/security-tracker][master] 2 commits: dnsmasq: use https for patch links

Sylvain Beucler beuc at debian.org
Sat Mar 20 12:05:23 GMT 2021 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bf6e93a by Sylvain Beucler at 2021-03-20T12:22:07+01:00
dnsmasq: use https for patch links

- - - - -
6f231209 by Sylvain Beucler at 2021-03-20T13:04:07+01:00
CVE-2020-25686/dnsmasq: reference regression patches
from Ubuntu USN-4698-2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37321,39 +37321,45 @@ CVE-2020-25687 (A flaw was found in dnsmasq before version 2.83. A heap-based bu
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
 CVE-2020-25686 (A flaw was found in dnsmasq before version 2.83. When receiving a quer ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=04490bf622ac84891aad6f2dd2edf83725decdee (regression)
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=12af2b171de0d678d98583e2190789e544440e02 (regression)
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3f535da79e7a42104543ef5c7b5fa2bed819a78b (regression)
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8 (regression)
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=141a26f979b4bc959d8e866a295e24f8cf456920 (regression)
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=305cb79c5754d5554729b18a2c06fe7ce699687a (regression)
 CVE-2020-25685 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b
 CVE-2020-25684 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca
 CVE-2020-25683 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
 CVE-2020-25682 (A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
 CVE-2020-25681 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	{DSA-4844-1}
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
 CVE-2020-25680 (A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a  ...)
 	NOT-FOR-US: JBCS httpd
 CVE-2020-25679
@@ -114204,7 +114210,7 @@ CVE-2019-14834 (A vulnerability was found in dnsmasq before version 2.81, where
 	[buster] - dnsmasq <no-dsa> (Minor issue)
 	[stretch] - dnsmasq <no-dsa> (Minor issue)
 	[jessie] - dnsmasq <no-dsa> (Minor issue)
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1764425
 CVE-2019-14833 (A flaw was found in Samba, all versions starting samba 4.5.0 before sa ...)
 	- samba 2:4.11.1+dfsg-2
@@ -115160,7 +115166,7 @@ CVE-2019-14513 (Improper bounds checking in Dnsmasq before 2.76 allows an attack
 	[buster] - dnsmasq <no-dsa> (Minor issue)
 	[stretch] - dnsmasq <no-dsa> (Minor issue)
 	NOTE: https://github.com/Slovejoy/dnsmasq-pre2.76
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
 CVE-2019-14512 (LimeSurvey 3.17.7+190627 has XSS via Boxes in application/extensions/P ...)
 	- limesurvey <itp> (bug #472802)
 CVE-2019-14511 (Sphinx Technologies Sphinx 3.1.1 by default has no authentication and  ...)
@@ -218747,8 +218753,8 @@ CVE-2017-15107 (A vulnerability was found in the implementation of DNSSEC in Dns
 	[jessie] - dnsmasq <no-dsa> (Minor issue)
 	[wheezy] - dnsmasq <no-dsa> (Minor issue)
 	NOTE: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4fe6744a220eddd3f1749b40cac3dfc510787de6
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=cd7df612b14ec1bf831a966ccaf076be0dae7404
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4fe6744a220eddd3f1749b40cac3dfc510787de6
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=cd7df612b14ec1bf831a966ccaf076be0dae7404
 	NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
 CVE-2017-15106
 	RESERVED
@@ -220707,7 +220713,7 @@ CVE-2017-14496 (Integer underflow in the add_pseudoheader function in dnsmasq be
 	[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
 	[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
 	NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
-	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
+	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
 CVE-2017-14495 (Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id o ...)
 	- dnsmasq 2.78-1
 	[stretch] - dnsmasq 2.76-5+deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3aea448fef0b78331cbc842897ef8e6f9126cafd...6f23120915ffd3e08bb49e1d74070394f64d6a65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3aea448fef0b78331cbc842897ef8e6f9126cafd...6f23120915ffd3e08bb49e1d74070394f64d6a65
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210320/4ab700ab/attachment.htm>

More information about the debian-security-tracker-commits mailing list