From: Mark Andrews <marka@isc.org>
Date: Thu, 25 Nov 2010 04:55:50 +0000 (+0000)
Subject: CVE-2010-3613 Reduce complexity from M to L raising score from 7.1 to 7.8.
X-Git-Tag: v9.4-ESV-R4~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bbac4157e5382c563593a02c9b7ab82d3d5e2a6e;p=thirdparty%2Fbind9.git

CVE-2010-3613 Reduce complexity from M to L raising score from 7.1 to 7.8.
Just have the base CVSS vectors.
---

diff --git a/CHANGES b/CHANGES
index 81de3b31426..4fbd62f5ca1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,7 +6,7 @@
 			unexpected RRSIG was also returned with the NO DATA
 			cache entry.
 
-			CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
+			CVSS: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
 			CVE-2010-3613, VU#706148. [RT #22288]
 
 2968.	[security]	Named could fail to prove a data set was insecure
@@ -14,7 +14,7 @@
 			that can trigger this occurs naturally when rolling
 			DNSKEY algorithms.
 
-			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
+			CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
 			CVE-2010-3614, VU#837744. [RT #22309]
 
 2966.	[bug]		isc_print_vsnprintf() failed to check if there was