From 10e1368ae71f816ac27e891e9dc52595cf1c631b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Roberto=20C=2E=20S=C3=A1nchez?= <roberto@debian.org>
Date: Fri, 14 Feb 2020 14:56:49 -0500
Subject: LTS/triage CVE-2014-5209/ntp

---
 data/CVE/list.2014 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/data/CVE/list.2014 b/data/CVE/list.2014
index 0285d32616..d689bac8e8 100644
--- a/data/CVE/list.2014
+++ b/data/CVE/list.2014
@@ -13498,8 +13498,11 @@ CVE-2014-5210 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allo
 	NOT-FOR-US: AlienVault OSSIM
 CVE-2014-5209 (An Information Disclosure vulnerability exists in NTP 4.2.7p25 private ...)
 	- ntp 1:4.2.8p3+dfsg-1
+	[jessie] - ntp <ignored> (can be worked around by disabling mode in configuration)
 	NOTE: Starting with 4.2.8, mode 7 is marked as deprecated and disabled by default,
 	NOTE:   treat this as the fixed version here
+	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=4eae26a46gF81Tr6RRrYnf6jWhVo0g
+	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=4eb4b512O-jx-s-epS2A75g9mitvfQ
 CVE-2014-5208 (BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 30 ...)
 	NOT-FOR-US: Batch Management Packages in Yokogawa and Exaopc
 CVE-2014-5202 (Cross-site scripting (XSS) vulnerability in compfight-search.php in th ...)
-- 
cgit v1.2.3