From: Mark Andrews <marka@isc.org>
Date: Thu, 25 Nov 2010 04:50:15 +0000 (+0000)
Subject: CVE-2010-3613 Reduce complexity from M to L raising score from 7.1 to 7.8.
X-Git-Tag: v9.6-ESV-R3~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=71a11c4a31bfc36cedce312c146e73af0e9b52b9;p=thirdparty%2Fbind9.git

CVE-2010-3613 Reduce complexity from M to L raising score from 7.1 to 7.8.
Just have the base CVSS vectors.
---

diff --git a/CHANGES b/CHANGES
index 5188864c1cc..2751e2eddad 100644
--- a/CHANGES
+++ b/CHANGES
@@ -13,14 +13,14 @@
 			unexpected RRSIG was also returned with the NO DATA
 			cache entry.
 
-			CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
+			CVSS: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
 			CVE-2010-3613, VU#706148. [RT #22288]
 
 2969.	[security]	Fix acl type processing so that allow-query works
 			in options and view statements.  Also add a new
 			set of tests to verify proper functioning.
 
-			CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:O/RC:C)
+			CVSS: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
 			CVE-2010-3615, VU#510208. [RT #22418]
 
 2968.	[security]	Named could fail to prove a data set was insecure
@@ -28,7 +28,7 @@
 			that can trigger this occurs naturally when rolling
 			DNSKEY algorithms.
 
-			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
+			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
 			CVE-2010-3614, VU#837744. [RT #22309]
 
 2967.	[bug]		'host -D' now turns on debugging messages earlier.