diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-12-31 21:08:53 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-12-31 21:10:57 +0100 |
commit | 484726e450765413d243cbd18d316964e461a07f (patch) | |
tree | b381965a1602bdd9b7f8571967fd6e6b1c2c803e /data | |
parent | 21546eaa0c52cd42fcea8a46b4796fa25e528a35 (diff) |
Replace dropbear repository reference with working URL
Apparently repository moved from https://secure.ucc.asn.au/hg/dropbear
to https://hg.ucc.asn.au/dropbear and so replace previous references.
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2013.list | 2 | ||||
-rw-r--r-- | data/CVE/2016.list | 8 | ||||
-rw-r--r-- | data/CVE/2017.list | 6 | ||||
-rw-r--r-- | data/CVE/2018.list | 2 |
4 files changed, 9 insertions, 9 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 73e8310755..d697b9c52b 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -7999,7 +7999,7 @@ CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server be - dropbear 2012.55-1.4 (low; bug #726019) [squeeze] - dropbear <no-dsa> (Minor issue) [wheezy] - dropbear <no-dsa> (Minor issue) - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f + NOTE: https://hg.ucc.asn.au/dropbear/rev/0bf76f54de6f CVE-2013-4420 (Multiple directory traversal vulnerabilities in the (1) tar_extract_gl ...) {DSA-2863-1} - libtar 1.2.20-2 (bug #731860) diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 255f11c3ee..454b6a59a8 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -10729,24 +10729,24 @@ CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 2 NOTE: Introduced by (as confirmed by upstream): https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27 CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when compiled ...) - dropbear 2016.74-1 (unimportant) - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04 + NOTE: https://hg.ucc.asn.au/dropbear/rev/6a14b1f6dc04 NOTE: Not an issue for the the Debian binary package since we do not NOTE: compile with DEBUG_TRACE. CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote attackers to ...) - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 [wheezy] - dropbear <not-affected> (Vulnerable code not present) - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6 + NOTE: https://hg.ucc.asn.au/dropbear/rev/eed9376a4ad6 CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74 allows atta ...) {DLA-634-1} - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e + NOTE: https://hg.ucc.asn.au/dropbear/rev/34e6127ef02e CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74 allows remo ...) {DLA-634-1} - dropbear 2016.74-1 [jessie] - dropbear 2014.65-1+deb8u1 - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb + NOTE: https://hg.ucc.asn.au/dropbear/rev/b66a483f3dcb CVE-2016-7404 (OpenStack Magnum passes OpenStack credentials into the Heat templates ...) - magnum 3.1.1-5 (bug #863547) NOTE: https://git.openstack.org/cgit/openstack/magnum/commit/?id=0bb0d6486d6771ee21bbf897a091b1aa59e01b22 diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 2b864eae52..8b84cccd63 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -28437,12 +28437,12 @@ CVE-2017-9080 (PlaySMS 1.4 allows remote code execution because PHP code in the CVE-2017-9079 (Dropbear before 2017.75 might allow local users to read certain files ...) {DSA-3859-1 DLA-948-1} - dropbear 2016.74-5 (bug #862970) - NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123 + NOTE: Patch: https://hg.ucc.asn.au/dropbear/rev/0d889b068123 CVE-2017-9078 (The server in Dropbear before 2017.75 might allow post-authentication ...) {DSA-3859-1} - dropbear 2016.74-5 (bug #862970) [wheezy] - dropbear <not-affected> (Vulnerable code not present) - NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c + NOTE: Patch: https://hg.ucc.asn.au/dropbear/rev/c8114a48837c CVE-2017-9077 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...) {DSA-3886-1 DLA-993-1} - linux 4.9.30-1 @@ -46056,7 +46056,7 @@ CVE-2017-2660 REJECTED CVE-2017-2659 (It was found that dropbear before version 2013.59 with GSSAPI leaks wh ...) - dropbear 2013.60-1 - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86 + NOTE: https://hg.ucc.asn.au/dropbear/rev/d7784616409a#l1.86 CVE-2017-2658 (It was discovered that the Dashbuilder login page as used in Red Hat J ...) NOT-FOR-US: JBoss BPMS CVE-2017-2657 diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 894a69b172..cd3287925d 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -15175,7 +15175,7 @@ CVE-2018-15599 (The recv_msg_userauth_request function in svr-auth.c in Dropbear - dropbear 2018.76-4 (bug #906890) [stretch] - dropbear 2016.74-5+deb9u1 NOTE: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html - NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00 + NOTE: https://hg.ucc.asn.au/dropbear/rev/5d2d1021ca00 CVE-2018-15598 (Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the ...) NOT-FOR-US: Traefik CVE-2018-15597 |