diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-05 08:40:22 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-05 08:40:22 +0200 |
commit | 85652660ffd9ea43faec722a28f1aaec828acd6e (patch) | |
tree | a252d7f491eef1413c3de00a7fa8ae7020bada81 /data/CVE/list.2019 | |
parent | f466095497d0afec357d7d80f94dd067eb37beac (diff) |
Add noe for CVE-2019-0053/inetutils
There was a followup fix for inetutils not directly covered by the CVE
which fixed a following infitinte loop causing stack exhaustion, as
noted by Adrian Bunk.
Link: https://bugs.debian.org/945861#30
Diffstat (limited to 'data/CVE/list.2019')
-rw-r--r-- | data/CVE/list.2019 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index c01584dab5..1709087252 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -53762,6 +53762,9 @@ CVE-2019-0053 (Insufficient validation of environment variables in the telnet cl NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:12.telnet.asc NOTE: https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt NOTE: https://www.openwall.com/lists/oss-security/2018/12/14/8 + NOTE: Additional patch to fix infinite loop causing stack exhaustion (but not + NOTE: directly covered by this CVE applied in inetutils/2:2.2-2): + NOTE: https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/diff/?id=0d246b17e51060daac8a26848a8d9e5722fcca24 CVE-2019-0052 (The srxpfe process may crash on SRX Series services gateways when the ...) NOT-FOR-US: Juniper CVE-2019-0051 (SSL-Proxy feature on SRX devices fails to handle a hardware resource l ...) |