Add noe for CVE-2019-0053/inetutils

There was a followup fix for inetutils not directly covered by the CVE which fixed a following infitinte loop causing stack exhaustion, as noted by Adrian Bunk. Link: https://bugs.debian.org/945861#30
author: Salvatore Bonaccorso <carnil@debian.org> 2021-09-05 08:40:22 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-09-05 08:40:22 +0200
commit: 85652660ffd9ea43faec722a28f1aaec828acd6e (patch)
tree: a252d7f491eef1413c3de00a7fa8ae7020bada81 /data/CVE/list.2019
parent: f466095497d0afec357d7d80f94dd067eb37beac (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index c01584dab5..1709087252 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -53762,6 +53762,9 @@ CVE-2019-0053 (Insufficient validation of environment variables in the telnet cl
 	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:12.telnet.asc
 	NOTE: https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt
 	NOTE: https://www.openwall.com/lists/oss-security/2018/12/14/8
+	NOTE: Additional patch to fix infinite loop causing stack exhaustion (but not
+	NOTE: directly covered by this CVE applied in inetutils/2:2.2-2):
+	NOTE: https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/diff/?id=0d246b17e51060daac8a26848a8d9e5722fcca24
 CVE-2019-0052 (The srxpfe process may crash on SRX Series services gateways when the  ...)
 	NOT-FOR-US: Juniper
 CVE-2019-0051 (SSL-Proxy feature on SRX devices fails to handle a hardware resource l ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-09-05 08:40:22 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-09-05 08:40:22 +0200
commit	85652660ffd9ea43faec722a28f1aaec828acd6e (patch)
tree	a252d7f491eef1413c3de00a7fa8ae7020bada81 /data/CVE/list.2019
parent	f466095497d0afec357d7d80f94dd067eb37beac (diff)