[Secure-testing-commits] r26621 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Apr 20 06:34:56 UTC 2014 

Author: carnil
Date: 2014-04-20 06:34:56 +0000 (Sun, 20 Apr 2014)
New Revision: 26621

Modified:
   data/CVE/list
Log:
Three CVEs fixed with net-snmp upload to unstable

These were already fixed in experimental and the experimental package
was now uploaded to unstable.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-04-20 06:27:34 UTC (rev 26620)
+++ data/CVE/list	2014-04-20 06:34:56 UTC (rev 26621)
@@ -1976,21 +1976,19 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2014-2285 [snmptrapd crash when using a trap with empty community string]
 	RESERVED
-	- net-snmp <unfixed> (unimportant)
+	- net-snmp 5.7.2.1~dfsg-3 (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1072044
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1072778
 	NOTE: Upstream fix: http://sourceforge.net/p/net-snmp/code/ci/76e8d6d100320629d8a23be4b0128619600c919d/
 	NOTE: unimportant since it only segfaults with older Perl version
 	NOTE: http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html
 	NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ddfa59c
-	NOTE: fixed with 5.7.2.1~dfsg-1 upload to experimental, adjust when enters unstable
 CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before ...)
-	- net-snmp <unfixed> (bug #742817)
+	- net-snmp 5.7.2.1~dfsg-3 (bug #742817)
 	[wheezy] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
 	[squeeze] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
 	NOTE: http://sourceforge.net/p/net-snmp/mailman/message/32026655/
 	NOTE: http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/
-	NOTE: fixed with 5.7.2.1~dfsg-1 upload to experimental, adjust when enters unstable
 CVE-2014-XXXX [buffer overflow]
 	- mp3gain <unfixed> (low; bug #740268)
 	[squeeze] - mp3gain <no-dsa> (Minor issue)
@@ -27022,12 +27020,11 @@
 	- pidgin 2.10.8-1
 	[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
 CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...)
-	- net-snmp <unfixed> (low; bug #731625)
+	- net-snmp 5.7.2.1~dfsg-3 (low; bug #731625)
 	[wheezy] - net-snmp <no-dsa> (Minor issue)
 	[squeeze] - net-snmp <no-dsa> (Minor issue)
 	NOTE: http://sourceforge.net/p/net-snmp/bugs/2411/
 	NOTE: Upstream patch: http://sourceforge.net/p/net-snmp/code/ci/793d596838ff7cb48a73b675d62897c56c9e62df/
-	NOTE: fixed with 5.7.2.1~dfsg-1 upload to experimental, adjust when enters unstable
 CVE-2012-6150 (The winbind_name_list_to_sid_string_list function in ...)
 	- samba 2:4.0.13+dfsg-1 (low)
 	[wheezy] - samba <no-dsa> (Can be fixed along in a future DSA)

More information about the Secure-testing-commits mailing list