[Secure-testing-commits] r32010 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Feb 6 07:14:32 UTC 2015
Author: jmm
Date: 2015-02-06 07:14:32 +0000 (Fri, 06 Feb 2015)
New Revision: 32010
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
correct sid fix for CVE-2013-7423; this was only added in the recent
git-updates.diff patch and not in the 2.19 upstream release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-06 07:04:17 UTC (rev 32009)
+++ data/CVE/list 2015-02-06 07:14:32 UTC (rev 32010)
@@ -522,7 +522,7 @@
NOTE: libv8 is not covered by security support
CVE-2013-7423 [getaddrinfo() writes DNS queries to random file descriptors under high load]
RESERVED
- - glibc 2.19-1 (bug #722075)
+ - glibc 2.19-14 (bug #722075)
- eglibc <removed>
NOTE: Upstream report: https://sourceware.org/bugzilla/show_bug.cgi?id=15946
NOTE: http://www.openwall.com/lists/oss-security/2015/01/28/16
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2015-02-06 07:04:17 UTC (rev 32009)
+++ data/dsa-needed.txt 2015-02-06 07:14:32 UTC (rev 32010)
@@ -14,6 +14,9 @@
--
asterisk
--
+eglibc
+ we should fix at least CVE-2013-7423, some of the othre no-dsa bugs could be fixed along
+--
icu
--
imagemagick
More information about the Secure-testing-commits
mailing list