security: more security fixes

author Vincent Bernat <vincent@bernat.ch>

Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)

committer Vincent Bernat <vincent@bernat.ch>

Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)
author Vincent Bernat <vincent@bernat.ch>
Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)
committer Vincent Bernat <vincent@bernat.ch>
Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)
diff --git a/content/security.html b/content/security.html

index e745a9a92d5f750f5f2164ccd4a992e2575c6bda..f2af67bbbd5a0eb13123a3d9973e0fd57553eac5 100644 (file)
--- a/content/security.html
+++ b/content/security.html
@@ -14,8 +14,8 @@ directly.
     duplicate port description, system name, or system description TLV
     and trigger a memory leak. The vulnerability does not allow
     arbitrary code execution. This bug is present since the initial
-   release. It has been fixed in commit [a8d3c90f][] and in version
-   1.0.8.
+   release. It has been fixed in commits [a8d3c90f][] (1.0.8), and
+   [7d60bf30][] (1.0.9)
  
   * [CVE-2015-8011][]: buffer overflow when handling management address
     TLV for LLDP. When a remote device was advertising a too large
@@ -43,6 +43,7 @@ directly.
  [dd4f16e7]: https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
  [793526f8]: https://github.com/lldpd/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
  [a8d3c90f]: https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
+[7d60bf30]: https://github.com/lldpd/lldpd/commit/7d60bf30effc4c88f17f3d58ecaa72479f16d4be
  
  {# Local Variables:      #}
  {# mode: markdown        #}
author	Vincent Bernat <vincent@bernat.ch>
	Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)
committer	Vincent Bernat <vincent@bernat.ch>
	Fri, 2 Apr 2021 07:48:50 +0000 (09:48 +0200)