Attachment 207465 Details for Bug 240399 – add vuxml entry

[patch] add vuxml entry

kea.1.5.0-vuxml-entry.diff (text/plain), 1.58 KB, created by Andrey Pevnev on 2019-09-13 13:48:25 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andrey Pevnev

Created: 2019-09-13 13:48:25 UTC

Size: 1.58 KB

patch

obsolete

>Index: vuln.xml
>===================================================================
>--- vuln.xml	(revision 511916)
>+++ vuln.xml	(working copy)
>@@ -58,6 +58,37 @@
> * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
>+ <vuln vid="20b92374-d62a-11e9-af73-001b217e4ee5">
>+ <topic>ISC KEA -- Multiple vulnerabilities</topic>
>+ <affects>
>+ <package>
>+	<name>kea</name>
>+	<range><lt>1.0.6</lt></range>
>+ </package>
>+ </affects>
>+ <description>
>+ <body xmlns="http://www.w3.org/1999/xhtml">
>+	Internet Systems Consortium, Inc. reports:
>+	<blockquote cite="https://gitlab.isc.org/isc-projects/kea/issues">
>+	 A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium]
>+	 An invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium]
>+	 An oversight when validating incoming client requests can lead to a situation where the Kea server 
>+	 will exit when trying to restart (CVE-2019-6474) [Medium]
>+	</blockquote>
>+ </body>
>+ </description>
>+ <references>
>+ <url>https://gitlab.isc.org/isc-projects/kea/issues</url>
>+ <cvename>CVE-2019-6472</cvename>
>+ <cvename>CVE-2019-6473</cvename>
>+ <cvename>CVE-2019-6474</cvename>
>+ </references>
>+ <dates>
>+ <discovery>2019-08-28</discovery>
>+ <entry>2019-09-13</entry>
>+ </dates>
>+ </vuln>
>+
> <vuln vid="9e0c6f7a-d46d-11e9-a1c7-b499baebfeaf">
> <topic>OpenSSL -- Multiple vulnerabilities</topic>
> <affects>

Actions: View | Diff

Attachments on bug 240399: 207268 | 207309 | 207465