Add bug reference for CVE-2017-7559, #885576

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58986 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-28 09:06:37 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-28 09:06:37 +0000
commit: 4a91d1b726ae9279963569d3b0d5c7353476a145 (patch)
tree: cd690f8dd82f7ebbdd6a91ddd365c7e91506a16f /data
parent: f3a488bb54a17d84bff0ca02edf3c002e5166d1e (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 8a56e6d9bb..9aa15aa226 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -38230,8 +38230,8 @@ CVE-2017-7560 (It was found that rhnsd PID files are created as world-writable t
 	NOTE: Introduced by: https://github.com/spacewalkproject/spacewalk/commit/75d9c00b96ab430221c5c7668baebebc74ddd67e
 CVE-2017-7559 [HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)]
 	RESERVED
-	- undertow <undetermined>
-	NOTE: For an incomplete fix of CVE-2017-2666
+	- undertow <unfixed> (bug #885576)
+	NOTE: CVE is for an incomplete fix of CVE-2017-2666
 	NOTE: Invalid characters were still allowed in the query string and path parameters.
 	TODO: check, asked for clarification to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7
 CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()]
author	Salvatore Bonaccorso <carnil@debian.org>	2017-12-28 09:06:37 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-12-28 09:06:37 +0000
commit	4a91d1b726ae9279963569d3b0d5c7353476a145 (patch)
tree	cd690f8dd82f7ebbdd6a91ddd365c7e91506a16f /data
parent	f3a488bb54a17d84bff0ca02edf3c002e5166d1e (diff)