[Secure-testing-commits] r16065 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sat Feb 5 19:21:13 UTC 2011
Author: gilbert-guest
Date: 2011-02-05 19:21:03 +0000 (Sat, 05 Feb 2011)
New Revision: 16065
Modified:
data/CVE/list
Log:
eglibc info
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-05 13:18:41 UTC (rev 16064)
+++ data/CVE/list 2011-02-05 19:21:03 UTC (rev 16065)
@@ -566,8 +566,10 @@
RESERVED
CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
- mediawiki <unfixed> (bug #611787)
-CVE-2011-0536
+CVE-2011-0536 [CVE-2010-3847 opens new vulnerability]
RESERVED
+ - eglibc <unfixed> (bug #600667)
+ - glibc <removed>
CVE-2011-0535
RESERVED
CVE-2011-0534
@@ -3900,8 +3902,7 @@
CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...)
{DSA-2122-2 DSA-2122-1}
- glibc <removed>
- - eglibc <unfixed> (bug #600667)
- [squeeze] - eglibc 2.11.2-6+squeeze1
+ - eglibc 2.11.2-8 (bug #600667)
CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
{DSA-2155-1}
- freetype 2.4.2-2.1 (bug #602221)
@@ -3924,11 +3925,10 @@
- linux-2.6 2.6.32-28
CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) ...)
{DSA-2122-2 DSA-2122-1}
- - eglibc 2.11.2-8 (bug #600667)
+ - eglibc <unfixed> (bug #600667)
- glibc <removed>
- [squeeze] - eglibc 2.11.2-6+squeeze1
NOTE: http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
- NOTE: Initial -7 fix was incomplete
+ NOTE: Initial -7 fix was incomplete, -8 fixes wrong CVE-2010-3856; this still appears unfixed and there is now even CVE-2011-0536 for a new vuln introduced by this CVE
CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS ...)
- cvs <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852
More information about the Secure-testing-commits
mailing list