CVE-2010-3613 Reduce complexity from M to L raising score from 7.1 to 7.8.

author Mark Andrews <marka@isc.org>

Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)

committer Mark Andrews <marka@isc.org>

Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)
author Mark Andrews <marka@isc.org>
Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)
committer Mark Andrews <marka@isc.org>
Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)
diff --git a/CHANGES b/CHANGES

index 5188864c1cc11bbacedb0a9eb25853c2c14bdfdc..2751e2eddadc4249a41ca66edd64e64db492c7c4 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -13,14 +13,14 @@
                         unexpected RRSIG was also returned with the NO DATA
                         cache entry.
  
-                       CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
+                       CVSS: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
                         CVE-2010-3613, VU#706148. [RT #22288]
  
  2969.  [security]      Fix acl type processing so that allow-query works
                         in options and view statements.  Also add a new
                         set of tests to verify proper functioning.
  
-                       CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:O/RC:C)
+                       CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
                         CVE-2010-3615, VU#510208. [RT #22418]
  
  2968.  [security]      Named could fail to prove a data set was insecure
@@ -28,7 +28,7 @@
                         that can trigger this occurs naturally when rolling
                         DNSKEY algorithms.
  
-                       CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
+                       CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
                         CVE-2010-3614, VU#837744. [RT #22309]
  
  2967.  [bug]           'host -D' now turns on debugging messages earlier.
author	Mark Andrews <marka@isc.org>
	Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)
committer	Mark Andrews <marka@isc.org>
	Thu, 25 Nov 2010 04:50:15 +0000 (04:50 +0000)