Replace dropbear repository reference with working URL

Apparently repository moved from https://secure.ucc.asn.au/hg/dropbear to https://hg.ucc.asn.au/dropbear and so replace previous references.
author: Salvatore Bonaccorso <carnil@debian.org> 2020-12-31 21:08:53 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-12-31 21:10:57 +0100
commit: 484726e450765413d243cbd18d316964e461a07f (patch)
tree: b381965a1602bdd9b7f8571967fd6e6b1c2c803e /data
parent: 21546eaa0c52cd42fcea8a46b4796fa25e528a35 (diff)
4 files changed, 9 insertions, 9 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 73e8310755..d697b9c52b 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -7999,7 +7999,7 @@ CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server be
 	- dropbear 2012.55-1.4 (low; bug #726019)
 	[squeeze] - dropbear <no-dsa> (Minor issue)
 	[wheezy] - dropbear <no-dsa> (Minor issue)
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/0bf76f54de6f
 CVE-2013-4420 (Multiple directory traversal vulnerabilities in the (1) tar_extract_gl ...)
 	{DSA-2863-1}
 	- libtar 1.2.20-2 (bug #731860)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 255f11c3ee..454b6a59a8 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -10729,24 +10729,24 @@ CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 2
 	NOTE: Introduced by (as confirmed by upstream): https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27
 CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when compiled  ...)
 	- dropbear 2016.74-1 (unimportant)
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/6a14b1f6dc04
 	NOTE: Not an issue for the the Debian binary package since we do not
 	NOTE: compile with DEBUG_TRACE.
 CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote attackers to ...)
 	- dropbear 2016.74-1
 	[jessie] - dropbear 2014.65-1+deb8u1
 	[wheezy] - dropbear <not-affected> (Vulnerable code not present)
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/eed9376a4ad6
 CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74 allows atta ...)
 	{DLA-634-1}
 	- dropbear 2016.74-1
 	[jessie] - dropbear 2014.65-1+deb8u1
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/34e6127ef02e
 CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74 allows remo ...)
 	{DLA-634-1}
 	- dropbear 2016.74-1
 	[jessie] - dropbear 2014.65-1+deb8u1
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/b66a483f3dcb
 CVE-2016-7404 (OpenStack Magnum passes OpenStack credentials into the Heat templates  ...)
 	- magnum 3.1.1-5 (bug #863547)
 	NOTE: https://git.openstack.org/cgit/openstack/magnum/commit/?id=0bb0d6486d6771ee21bbf897a091b1aa59e01b22
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 2b864eae52..8b84cccd63 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -28437,12 +28437,12 @@ CVE-2017-9080 (PlaySMS 1.4 allows remote code execution because PHP code in the
 CVE-2017-9079 (Dropbear before 2017.75 might allow local users to read certain files  ...)
 	{DSA-3859-1 DLA-948-1}
 	- dropbear 2016.74-5 (bug #862970)
-	NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
+	NOTE: Patch: https://hg.ucc.asn.au/dropbear/rev/0d889b068123
 CVE-2017-9078 (The server in Dropbear before 2017.75 might allow post-authentication  ...)
 	{DSA-3859-1}
 	- dropbear 2016.74-5 (bug #862970)
 	[wheezy] - dropbear <not-affected> (Vulnerable code not present)
-	NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
+	NOTE: Patch: https://hg.ucc.asn.au/dropbear/rev/c8114a48837c
 CVE-2017-9077 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux  ...)
 	{DSA-3886-1 DLA-993-1}
 	- linux 4.9.30-1
@@ -46056,7 +46056,7 @@ CVE-2017-2660
 	REJECTED
 CVE-2017-2659 (It was found that dropbear before version 2013.59 with GSSAPI leaks wh ...)
 	- dropbear 2013.60-1
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/d7784616409a#l1.86
 CVE-2017-2658 (It was discovered that the Dashbuilder login page as used in Red Hat J ...)
 	NOT-FOR-US: JBoss BPMS
 CVE-2017-2657
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 894a69b172..cd3287925d 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -15175,7 +15175,7 @@ CVE-2018-15599 (The recv_msg_userauth_request function in svr-auth.c in Dropbear
 	- dropbear 2018.76-4 (bug #906890)
 	[stretch] - dropbear 2016.74-5+deb9u1
 	NOTE: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
-	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
+	NOTE: https://hg.ucc.asn.au/dropbear/rev/5d2d1021ca00
 CVE-2018-15598 (Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the ...)
 	NOT-FOR-US: Traefik
 CVE-2018-15597
author	Salvatore Bonaccorso <carnil@debian.org>	2020-12-31 21:08:53 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-12-31 21:10:57 +0100
commit	484726e450765413d243cbd18d316964e461a07f (patch)
tree	b381965a1602bdd9b7f8571967fd6e6b1c2c803e /data
parent	21546eaa0c52cd42fcea8a46b4796fa25e528a35 (diff)