[Secure-testing-commits] r29126 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 28 09:44:59 UTC 2014
Author: carnil
Date: 2014-09-28 09:44:59 +0000 (Sun, 28 Sep 2014)
New Revision: 29126
Modified:
data/CVE/list
Log:
Add CVE-2014-6277
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-28 09:34:17 UTC (rev 29125)
+++ data/CVE/list 2014-09-28 09:44:59 UTC (rev 29126)
@@ -1979,8 +1979,13 @@
RESERVED
CVE-2014-6278
RESERVED
-CVE-2014-6277
+CVE-2014-6277 [Incomplete fix for CVE-2014-7169]
RESERVED
+ - bash <not-affected> (we apply variables-affix.patch which mitigates prevents both CVE-2014-7169 and CVE-2014-6277)
+ NOTE: altough unfixed as we also add upstream patch for CVE-2014-7169,
+ NOTE: this is does not affect Debian as we apply the variables-affix.patch
+ NOTE: (hardening patch). The hardening patch prevents both exploitation of
+ NOTE: CVE-2014-7169 and CVE-2014-6277 related issues.
CVE-2014-6276
RESERVED
CVE-2014-6275
More information about the Secure-testing-commits
mailing list