[Secure-testing-commits] r7965 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Fri Jan 18 22:33:50 UTC 2008
Author: fw
Date: 2008-01-18 22:33:49 +0000 (Fri, 18 Jan 2008)
New Revision: 7965
Modified:
data/CVE/list
Log:
CVE-2008-0122: BIND vulnerability
FreeBSD kernels not affected, independently fixed in GNU libc.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-18 21:14:10 UTC (rev 7964)
+++ data/CVE/list 2008-01-18 22:33:49 UTC (rev 7965)
@@ -524,9 +524,12 @@
NOTE: and considering that the apache configuration that comes
NOTE: with moodle limits connections to localhost this is no issue
CVE-2008-0122 (Off-by-one error in the inet_network function in libc in FreeBSD 6.2, ...)
- - kfreebsd-5 <not-affected>
- - kfreebsd-6 <unfixed>
- - kfreebsd-7 <unfixed>
+ - bind <removed>
+ [sarge] - bind <no-dsa> (applications will use inet_network in libc)
+ [etch] - bind <no-dsa> (applications will use inet_network in libc)
+ - bind9 <not-affected> (does not build libbind)
+ - glibc 2.2-1
+ NOTE: The fix for the BIND-based resolver in GNU libc was made in 2000.
CVE-2008-0121
RESERVED
CVE-2008-0120
More information about the Secure-testing-commits
mailing list