[Secure-testing-commits] r38473 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2015-12-22 07:58:24 +0000 (Tue, 22 Dec 2015)
New Revision: 38473

Modified:
   data/CVE/list
Log:
mark glibc as no-dsa/fixed in next point release
add explanation to no-dsa tags for ldb


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-22 06:24:42 UTC (rev 38472)
+++ data/CVE/list	2015-12-22 07:58:24 UTC (rev 38473)
@@ -3811,6 +3811,8 @@
 	NOTE: https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
 CVE-2015-XXXX [multiple overflows in strxfrm()]
 	- glibc 2.21-1 (bug #803927)
+	[jessie] - glibc <no-dsa> (Minor issue, will be fixed in a point release)
+	[wheezy] - glibc <no-dsa> (Minor issue, will be fixed in a point release)
 	- eglibc <removed>
 	[squeeze] - eglibc 2.11.3-4+deb6u8
 	NOTE: workaround entry for DLA-350-1 until/if CVE assigned
@@ -10821,7 +10823,7 @@
 	[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
 	[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
 	- ldb 2:1.1.24-1
-	[wheezy] - ldb <no-dsa> (Minor issue)
+	[wheezy] - ldb <no-dsa> (Minor issue, only relevant in conjunction with Samba 4, which isn't in wheezy)
 	[squeeze] - ldb <no-dsa> (Minor issue)
 	NOTE: https://git.samba.org/?p=samba.git;a=commit;h=1aef718f3cc175d90d40202a333042a38ba382b1 (v4-1-stable)
 	NOTE: https://git.samba.org/?p=samba.git;a=commit;h=7bcac237656083e67bbac9b50be9b319bb2d7eb8 (v4-1-stable)
@@ -16996,7 +16998,7 @@
 	[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
 	[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
 	- ldb 2:1.1.24-1
-	[wheezy] - ldb <no-dsa> (Minor issue)
+	[wheezy] - ldb <no-dsa> (Minor issue, only relevant in conjunction with Samba 4, which isn't in wheezy)
 	[squeeze] - ldb <no-dsa> (Minor issue)
 	NOTE: https://www.samba.org/samba/security/CVE-2015-3223.html
 	NOTE: https://git.samba.org/?p=samba.git;a=commit;h=fb456954f332c07a645226d59b3b00ec252f8b26 (v4-1-stable)