changelog: close #859494/CVE-2017-7401

author Marc Fournier <marc@bl.uem.li>

Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)

committer Marc Fournier <marc@bl.uem.li>

Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)
author Marc Fournier <marc@bl.uem.li>
Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)
committer Marc Fournier <marc@bl.uem.li>
Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)
diff --git a/debian/changelog b/debian/changelog

index 4a306ccfed20a73458c892f32ceae8a6be37810f..3ed78e39dc4d7748b95584284aa63edd4669a9eb 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,9 @@
  collectd (5.7.2-1) UNRELEASED; urgency=medium
  
    * New upstream release.
+    - Fix potential endless-loop in the network plugin, which can be triggered
+      remotely by sending a crafted UDP packet (Closes: #859494,
+      CVE-2017-7401).
    * debian/patches:
      - drop dpdkstat_goto_label.patch; included upstream.
      - drop drop_lssl_lcrypto_from_linking.patch; included upstream.
author	Marc Fournier <marc@bl.uem.li>
	Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)
committer	Marc Fournier <marc@bl.uem.li>
	Wed, 23 Aug 2017 15:10:01 +0000 (17:10 +0200)