[Secure-testing-commits] r32014 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Feb 6 08:03:53 UTC 2015
Author: jmm
Date: 2015-02-06 08:03:47 +0000 (Fri, 06 Feb 2015)
New Revision: 32014
Modified:
data/CVE/list
Log:
add glibc bugnumber and extend to silly split-off
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-06 07:53:43 UTC (rev 32013)
+++ data/CVE/list 2015-02-06 08:03:47 UTC (rev 32014)
@@ -151,15 +151,17 @@
- linux-2.6 <not-affected> (Introduced in 3.16)
NOTE: Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0 (v3.19-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
-CVE-2015-1473 [ risk-management error]
+CVE-2015-1473 [silly hairsplitting ID related to CVE-2015-1473]
RESERVED
- - glibc <unfixed>
+ - glibc <unfixed> (bug #777197)
- eglibc <removed>
- NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16618
- TODO: check, possibly introduced by fix for https://sourceware.org/bugzilla/show_bug.cgi?id=13138
+ NOTE: Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16618
+ NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
+ NOTE: This was introduced by https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0 (2.15),
+ NOTE: the patch was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze
CVE-2015-1472 [incorrect second argument to realloc leads to a buffer overflow]
RESERVED
- - glibc <unfixed>
+ - glibc <unfixed> (bug #777197)
- eglibc <removed>
[squeeze] - eglibc <not-affected> (Vulnerable code not present)
NOTE: Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16618
More information about the Secure-testing-commits
mailing list