[Secure-testing-commits] r19534 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Tue Jun 19 07:31:47 UTC 2012
Author: thijs
Date: 2012-06-19 07:31:47 +0000 (Tue, 19 Jun 2012)
New Revision: 19534
Modified:
data/CVE/list
Log:
clarify affected status and meaning of fixed version
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-19 07:27:50 UTC (rev 19533)
+++ data/CVE/list 2012-06-19 07:31:47 UTC (rev 19534)
@@ -3371,6 +3371,8 @@
- mysql-5.5 5.5.24+dfsg-1
NOTE: https://www.secmaniac.com/blog/2012/06/11/massive-mysql-authentication-bypass-exploit/
NOTE: http://seclists.org/oss-sec/2012/q2/493
+ NOTE: Issue only triggered with specific optimisation in glibc enabled; no builds in Debian known to be affected.
+ NOTE: Fixed versions indicate application of upstream patch which prevents issue regardless of opt.settings.
CVE-2012-2121 (The KVM implementation in the Linux kernel before 3.3.4 does not ...)
- linux-2.6 3.2.17-1
CVE-2012-2120 (latex2man in texlive-extra-utils 2011.20120322, and possibly other ...)
More information about the Secure-testing-commits
mailing list