Report that a vulnerability exists in the wrong package #408

Closed
@usiusi360

Description

Environment

Vuls

Hash : vuls v0.3.0 bdf6efe

OS

  • Target Server: CentOS Linux release 7.3.1611 (Core)
  • Vuls Server: CentOS Linux release 7.3.1611 (Core)

Go

  • Go version: go version go1.7.4 linux/amd64

Current Output

The content of the CVE-ID is a vulnerability related to BIND.
However, the affected package is bash.
And the contents of bind are mixed into the changelog.

Additional Details

When two or more packages have the same changelog, the format of the output is changed.

  • Previous output
ChangeLog for: coreutils-8.4-43.el6.x86_64, coreutils-libs-8.4-43.el6.x86_64
* Wed Feb 10 21:00:00 2016 Ondrej Vasik <ovasik@redhat.com> - 8.4-43
- sed should actually be /bin/sed (related #1222140)
* Wed Jan  6 21:00:00 2016 Ondrej Vasik <ovasik@redhat.com> - 8.4-41
- colorls.sh,colorls.csh - call utilities with complete path (#1222140)
- mkdir, mkfifo, mknod - respect default umask/acls when
  COREUTILS_CHILD_DEFAULT_ACLS envvar is set (to match rhel 7 behaviour,
  • Current output
ChangeLog for: 1:openssl-1.0.1e-60.el7_3.1.x86_64,
             : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64
* Mon Feb  6 21:00:00 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-60.1
- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher
- fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts
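
The following Go example is added here for illustration; it is not part of the original issue and is not Vuls's own code. It parses both header layouts quoted above, reading a wrapped ": package" continuation line as part of the package list, so each changelog block is attributed only to the packages named in its own header. The function names, and the assumption that a continuation line is whitespace followed by ": ", are inferred from the excerpts in the issue.

```go
package main

import (
	"fmt"
	"strings"
)

const header = "ChangeLog for: "
// sample joins the two excerpts quoted in the issue (shortened).
const sample = `ChangeLog for: coreutils-8.4-43.el6.x86_64, coreutils-libs-8.4-43.el6.x86_64
* Wed Feb 10 21:00:00 2016 Ondrej Vasik <ovasik@redhat.com> - 8.4-43
ChangeLog for: 1:openssl-1.0.1e-60.el7_3.1.x86_64,
             : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64
* Mon Feb  6 21:00:00 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-60.1
- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher
`
func splitPkgs(s string) []string {
	return strings.FieldsFunc(s, func(r rune) bool { return r == ',' || r == ' ' })
}

// parseChangelogs maps each package named in a header to the entries below it.
// The package list may sit on one line or wrap onto "<spaces>: <pkg>" lines.
func parseChangelogs(out string) map[string][]string {
	logs := map[string][]string{}
	var owners []string // packages that own the block being read
	inHeader := false
	for _, line := range strings.Split(out, "\n") {
		trimmed := strings.TrimSpace(line)
		switch {
		case strings.HasPrefix(line, header):
			owners, inHeader = splitPkgs(strings.TrimPrefix(line, header)), true
		case inHeader && strings.HasPrefix(trimmed, ": "):
			// Wrapped header line: more package names, not changelog text.
			owners = append(owners, splitPkgs(trimmed[2:])...)
		case trimmed != "":
			inHeader = false
			for _, p := range owners {
				logs[p] = append(logs[p], line)
			}
		}
	}
	return logs
}

func main() {
	for pkg, lines := range parseChangelogs(sample) {
		fmt.Printf("%-42s %d changelog lines\n", pkg, len(lines))
	}
}
```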
