From 5cb33d84f805e33ba06e74e57c2bcb8dfd12df5d Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Mon, 17 Jun 2019 15:22:32 +0100 Subject: dsa-texts/4.9.168-1+deb9u3: Improve wording of some descriptions --- dsa-texts/4.9.168-1+deb9u3 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'dsa-texts/4.9.168-1+deb9u3') diff --git a/dsa-texts/4.9.168-1+deb9u3 b/dsa-texts/4.9.168-1+deb9u3 index 08d20e6b..187169dc 100644 --- a/dsa-texts/4.9.168-1+deb9u3 +++ b/dsa-texts/4.9.168-1+deb9u3 @@ -23,11 +23,12 @@ CVE-2019-5489 obtain sensitive information from other processes that access the same memory-mapped file. -CVE-2019-9500 CVE-2019-9503 +CVE-2019-9500, CVE-2019-9503 Hugues Anguelkov discovered a buffer overflow and missing access - validation in the Broadcom Wifi driver, which could result in denial - of service or the execution of arbitrary code. + validation in the Broadcom FullMAC wifi driver (brcmfmac), which a + attacker on the same wifi network could use to cause denial of + service or the execution of arbitrary code. CVE-2019-11477 @@ -72,8 +73,10 @@ CVE-2019-11599 CVE-2019-11815 It was discovered that a use-after-free in the Reliable Datagram - Sockets protocol (blacklisted by default in Debian) could result in - denial of service and potentially privilege escalation. + Sockets protocol could result in denial of service and potentially + privilege escalation. This protocol module (rds) is not auto- + loaded on Debian systems, so this issue only affects systems where + it is explicitly loaded. CVE-2019-11833 -- cgit v1.2.3
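Review bot: In the CVE-2019-9500, CVE-2019-9503 entry, the added text reads "which a attacker on the same wifi network could use"; the article should be "an attacker". The paragraph is already being rewrapped here, so the fix costs nothing extra and keeps the published advisory text grammatical.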
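Review bot: In the CVE-2019-11815 entry, "auto-loaded" is broken at the hyphen across two added lines ("is not auto-" followed by "loaded on Debian systems"), so any reflow of the advisory text will render it as "auto- loaded". Move the whole word onto the following line. The new wording also drops the previous statement that the module is "blacklisted by default in Debian"; if the blacklist is still the reason rds is not auto-loaded, consider naming it so administrators know which mechanism to check on their systems.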