1
Candidate: CVE-2017-7401
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7401
6
Incorrect interaction of the parse_packet() and parse_part_sign_sha256()
7
functions in network.c in collectd 5.7.1 and earlier allows remote
8
attackers to cause a denial of service (infinite loop) of a collectd
9
instance (configured with "SecurityLevel None" and with empty "AuthFile"
10
options) via a crafted UDP packet.
14
https://github.com/collectd/collectd/issues/2174
15
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859494
21
upstream: https://github.com/collectd/collectd/commit/f6be4f9b49b949b379326c3d7002476e6ce4f211
22
upstream_collectd: needed
23
precise_collectd: ignored (reached end-of-life)
24
precise/esm_collectd: DNE (precise was needed)
25
trusty_collectd: needed
26
vivid/stable-phone-overlay_collectd: DNE
27
vivid/ubuntu-core_collectd: DNE
28
xenial_collectd: needed
29
yakkety_collectd: ignored (reached end-of-life)
30
zesty_collectd: ignored (reached end-of-life)
31
artful_collectd: needed
32
bionic_collectd: needed
33
devel_collectd: needed