Add CVEs to the changelog for 1.6.1-3

author Russ Allbery <rra@debian.org>

Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)

committer Russ Allbery <rra@debian.org>

Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)
author Russ Allbery <rra@debian.org>
Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)
committer Russ Allbery <rra@debian.org>
Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)
diff --git a/debian/changelog b/debian/changelog

index eb81d0a8c89d191fe81053c37e54738ebce6c586..105c2d6f005b362faf6efbe1f93926a74cdcd772 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,9 +3,9 @@ openafs (1.6.1-3) UNRELEASED; urgency=high
    * Apply upstream security patches:
      - OPENAFS-SA-2013-001: Fix fileserver buffer overflow when parsing
        client-supplied ACL entries and protect against client parsing of
-      bad ACL entries.
+      bad ACL entries.  (CVE-2013-1794)
      - OPENAFS-SA-2013-002: Fix ptserver buffer overflow via integer
-      overflow in the IdToName RPC.
+      overflow in the IdToName RPC.  (CVE-2013-1795)
  
   -- Russ Allbery <rra@debian.org>  Sun, 24 Feb 2013 15:01:49 -0800
author	Russ Allbery <rra@debian.org>
	Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)
committer	Russ Allbery <rra@debian.org>
	Fri, 1 Mar 2013 22:40:54 +0000 (14:40 -0800)