[Secure-testing-commits] r24346 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Sun Nov 10 06:10:18 UTC 2013 

Author: carnil
Date: 2013-11-10 06:10:18 +0000 (Sun, 10 Nov 2013)
New Revision: 24346

Modified:
   data/CVE/list
Log:
Add fixed versions for issues in eglibc with 2.17-94 upload

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-11-09 21:39:51 UTC (rev 24345)
+++ data/CVE/list	2013-11-10 06:10:18 UTC (rev 24346)
@@ -4082,7 +4082,7 @@
 CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before ...)
 	NOT-FOR-US: Cotonti
 CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or ...)
-	- eglibc <unfixed> (low; bug #717178)
+	- eglibc 2.17-94 (low; bug #717178)
 	[squeeze] - eglibc <no-dsa> (Incorrect hardening, only applies to statically linked binaries)
 	[wheezy] - eglibc <no-dsa> (Incorrect hardening, only applies to statically linked binaries)
 CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check ...)
@@ -5695,7 +5695,7 @@
 	NOTE: http://bugs.python.org/issue18709
 	NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989
 CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...)
-	- eglibc <unfixed> (bug #719558)
+	- eglibc 2.17-94 (bug #719558)
 	[wheezy] - eglibc <unfixed> (low; bug #719558)
 	[squeeze] - eglibc <unfixed> (low; bug #719558)
 	NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699
@@ -22880,7 +22880,7 @@
 	- spice-gtk 0.12-5 (bug #689155)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
 CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...)
-	- eglibc <unfixed> (low; bug #689423)
+	- eglibc 2.17-94 (low; bug #689423)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2012-4423 (The virNetServerProgramDispatchCall function in libvirt before 0.10.2 ...)
@@ -22922,7 +22922,7 @@
 	- keystone 2012.1.1-6 (bug #687428)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/7
 CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...)
-	- eglibc <unfixed> (low; bug #687530)
+	- eglibc 2.17-94 (low; bug #687530)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2012-4411 (The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ...)

More information about the Secure-testing-commits mailing list