diff options
author | Sylvain Beucler <beuc@beuc.net> | 2020-06-06 12:37:12 +0200 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2020-06-06 12:37:17 +0200 |
commit | 2f1fee254a886c8d76980c4f5902debd9180d54b (patch) | |
tree | 1f2b53db617ad9b9286ba9747ce6173900b09d02 /data | |
parent | 0e27828654a4cc7d095af34fd589807d7085fde3 (diff) |
CVE-2020-13817,CVE-2018-8956/ntp: jessie triage
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/dla-needed.txt | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 32aea0def1..742a99918a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -111,6 +111,7 @@ CVE-2020-13818 (In Zoho ManageEngine OpManager before 125144, when <cachestar NOT-FOR-US: Zoho ManageEngine OpManager CVE-2020-13817 (ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ...) - ntp 1:4.2.8p14+dfsg-1 + [jessie] - ntp <ignored> (Too intrusive to backport, requires new configuration) NOTE: http://support.ntp.org/bin/view/Main/NtpBug3596 NOTE: https://bugs.ntp.org/show_bug.cgi?id=3596 NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5e312021VVVkyioYBR_aeIP1LqMCVg (4.2.8p14) @@ -120508,6 +120509,7 @@ CVE-2018-8956 (ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remot - ntp <unfixed> (low) [buster] - ntp <no-dsa> (Minor issue) [stretch] - ntp <no-dsa> (Minor issue) + [jessie] - ntp <postponed> (Minor issue, requires being part of same broadcast network, no patch) NOTE: https://arxiv.org/abs/2005.01783 NOTE: https://nikhiltripathi.in/NTP_attack.pdf NOTE: https://tools.ietf.org/html/rfc5905 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 9e67c70e45..9cd9d462f7 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -91,8 +91,6 @@ nginx -- nss (Adrian Bunk) -- -ntp --- opendmarc (Thorsten Alteholz) NOTE: 20200511: new CVEs arrived (thorsten) NOTE: 20200524: testing package |