[Secure-testing-commits] r31470 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Jan 17 23:33:51 UTC 2015


Author: jmm
Date: 2015-01-17 23:33:51 +0000 (Sat, 17 Jan 2015)
New Revision: 31470

Modified:
   data/CVE/list
Log:
drop all other workarounds for kfreebsd and eglibc


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-17 23:25:21 UTC (rev 31469)
+++ data/CVE/list	2015-01-17 23:33:51 UTC (rev 31470)
@@ -5631,8 +5631,6 @@
 	- kfreebsd-10 10.1~svn274115-1 (bug #768108)
 	- kfreebsd-9 <removed> (bug #768104)
 	- kfreebsd-8 <removed> (bug #768106)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc
@@ -7394,7 +7392,6 @@
 CVE-2014-7817 (The wordexp function in GNU C Library (aka glibc) 2.21 does not ...)
 	{DLA-97-1}
 	- glibc <unfixed> (bug #775572)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- eglibc <removed>
 	[wheezy] - eglibc <no-dsa> (Will be fixed through a point update)
 	NOTE: https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
@@ -12618,7 +12615,6 @@
 	{DLA-97-1}
 	- glibc 2.19-12
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc <no-dsa> (Will be fixed in a point update)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17325
 	NOTE: https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html
@@ -13126,7 +13122,6 @@
 	{DLA-97-1}
 	- glibc 2.17-1
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc <no-dsa> (Will be fixed in a point update)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=14134
 	NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=6e230d11837f3ae7b375ea69d7905f0d18eb79e5
@@ -14503,7 +14498,6 @@
 CVE-2014-5119 (Off-by-one error in the __gconv_translit_find function in ...)
 	{DSA-3012-1 DLA-43-1}
 	- glibc 2.19-10 (medium)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- eglibc <removed> (medium)
 	NOTE: http://www.openwall.com/lists/oss-security/2014/07/14/2
 	NOTE: http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
@@ -16233,7 +16227,6 @@
 CVE-2014-4043 (The posix_spawn_file_actions_addopen function in glibc before 2.20 ...)
 	- eglibc <removed>
 	- glibc 2.19-2 (low; bug #751774)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and ...)
@@ -16394,8 +16387,6 @@
 	- kfreebsd-8 <removed>
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-9 <removed> (bug #754237)
 	- kfreebsd-10 10.1~svn272463-1
 CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 ...)
@@ -16403,8 +16394,6 @@
 	- kfreebsd-8 <removed>
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-9 <removed> (bug #754236)
 	- kfreebsd-10 10.1~svn272463-1
 CVE-2014-3951 (The HZ module in the iconv implementation in FreeBSD 10.0 before p6 ...)
@@ -16577,8 +16566,6 @@
 	- kfreebsd-8 <removed>
 	[wheezy] - kfreebsd-8 <no-dsa> (Will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-9 <removed>
 	- kfreebsd-10 10.0-6
 CVE-2014-3879
@@ -16606,8 +16593,6 @@
 CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before ...)
 	- kfreebsd-8 <removed>
 	- kfreebsd-9 <removed> (bug #750493)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of r237663)
 	[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
@@ -16963,7 +16948,6 @@
 CVE-2014-3711 (namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause ...)
 	{DSA-3070-1}
 	- kfreebsd-9 <removed> (bug #766275)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-10 10.1~svn273874-1 (bug #766278)
 CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in the ...)
 	{DSA-3074-1 DSA-3072-1 DLA-94-1 DLA-86-1}
@@ -19190,8 +19174,6 @@
 	- kfreebsd-10 10.0-5 (bug #746949)
 	- kfreebsd-9 <removed> (bug #746951)
 	- kfreebsd-8 <removed> (bug #746952)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-2999
@@ -23866,8 +23848,6 @@
 CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not ...)
 	{DSA-2952-1}
 	- kfreebsd-8 <removed>
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	- kfreebsd-9 <removed> (bug #743984)
@@ -25838,7 +25818,6 @@
 CVE-2014-0475 (Multiple directory traversal vulnerabilities in GNU C Library (aka ...)
 	{DSA-2976-1 DLA-43-1}
 	- glibc 2.19-6
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- eglibc <removed>
 CVE-2014-0474 (The (1) FilePathField, (2) GenericIPAddressField, and (3) ...)
 	{DSA-2934-1}
@@ -31285,8 +31264,6 @@
 	{DSA-2769-1}
 	- kfreebsd-9 9.2~svn255465-1 (bug #722337)
 	- kfreebsd-8 <removed>
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	[wheezy] - kfreebsd-8 8.3-6+deb7u1
 CVE-2013-5709 (The authentication implementation in the web server on Siemens ...)
@@ -31339,8 +31316,6 @@
 CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in ...)
 	{DSA-2769-1}
 	- kfreebsd-9 9.2~svn255465-1 (bug #722338)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-8 <removed>
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	[wheezy] - kfreebsd-8 8.3-6+deb7u1
@@ -31382,7 +31357,6 @@
 	NOT-FOR-US: Thecus NAS server N8800
 CVE-2013-5666 (The sendfile system-call implementation in sys/kern/uipc_syscalls.c in ...)
 	- kfreebsd-9 9.2~svn255465-1 (bug #722336)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-9 <not-affected> (Only affects 9.2.x)
 CVE-2013-5665
 	RESERVED
@@ -32555,8 +32529,6 @@
 	- kfreebsd-8 <removed> (bug #720476)
 	[wheezy] - kfreebsd-8 8.3-6+deb7u1
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-9 9.2~svn254368-2 (bug #720475)
 	- kfreebsd-10 10.0~svn254663-1 (bug #720478)
 CVE-2013-5208 (HR Systems Strategies info:HR HRIS 7.9 does not properly protect the ...)
@@ -33354,8 +33326,6 @@
 	{DSA-2743-1}
 	- kfreebsd-9 9.1-4 (bug #717958)
 	- kfreebsd-8 8.3-7 (bug #717959)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-8 8.3-6+deb7u1
 	[squeeze] - kfreebsd-8 <not-affected> (FreeBSD NFS server implementation was not supported in squeeze)
 CVE-2013-4850
@@ -33487,7 +33457,6 @@
 CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or ...)
 	- glibc 2.17-94 (low; bug #717178)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Incorrect hardening, only applies to statically linked binaries)
 CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check ...)
@@ -34517,7 +34486,6 @@
 CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in ...)
 	- eglibc <removed>
 	- glibc 2.18-1 (low; bug #727181)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html
@@ -34966,7 +34934,6 @@
 CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library ...)
 	- glibc 2.17-93 (bug #722536)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Will be fixed in next point update)
 CVE-2013-4331 (Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before ...)
@@ -35303,7 +35270,6 @@
 CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...)
 	- eglibc <removed>
 	- glibc 2.17-94 (bug #719558)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Will be fixed in next point update)
 	NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699
@@ -37678,8 +37644,6 @@
 	{DSA-2672-1}
 	- kfreebsd-9 9.0-11 (bug #706414)
 	- kfreebsd-8 <removed> (bug #706418)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[wheezy] - kfreebsd-8 <no-dsa> (new NFS server is not enabled)
 	[squeeze] - kfreebsd-8 <no-dsa> (new NFS server is not enabled)
 	NOTE: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc
@@ -38109,8 +38073,6 @@
 	- kfreebsd-8 <removed> (bug #720470)
 	[wheezy] - kfreebsd-8 8.3-6+deb7u1
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-9 9.2~svn254368-2 (bug #720468)
 	- kfreebsd-10 10.0~svn254663-1 (bug #720471)
 CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
@@ -40479,7 +40441,6 @@
 	[wheezy] - tpp <no-dsa> (Minor issue)
 CVE-2013-2207 (pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not ...)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- glibc <unfixed> (low; bug #717544)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
@@ -40606,7 +40567,6 @@
 	{DSA-2714-1}
 	- kfreebsd-9 9.0-12 (bug #712664)
 	- kfreebsd-8 <not-affected> (Only affects 9.x)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 CVE-2013-2170
 	REJECTED
 CVE-2013-2169
@@ -41486,7 +41446,6 @@
 CVE-2013-1914 (Stack-based buffer overflow in the getaddrinfo function in ...)
 	- eglibc <removed>
 	- glibc 2.17-2 (low; bug #704623)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2013-1913 (Integer overflow in the load_image function in file-xwd.c in the X ...)
@@ -46722,7 +46681,6 @@
 CVE-2013-0242 (Buffer overflow in the extend_buffers function in the regular ...)
 	- eglibc <removed>
 	- glibc 2.17-2 (low; bug #699399)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/oss-sec/2013/q1/202
@@ -49900,8 +49858,6 @@
 	RESERVED
 	- kfreebsd-8 <removed> (low; bug #690986)
 	- kfreebsd-9 <removed> (low)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
 	[squeeze] - kfreebsd-9 <no-dsa> (Minor issue)
 	[wheezy] - kfreebsd-8 <no-dsa> (Minor issue)
@@ -49912,8 +49868,6 @@
 CVE-2012-5363
 	RESERVED
 	- kfreebsd-8 <removed> (low; bug #690986)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
 	[squeeze] - kfreebsd-9 <no-dsa> (Minor issue)
 	[wheezy] - kfreebsd-8 <no-dsa> (Minor issue)
@@ -52656,7 +52610,6 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
 CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- glibc 2.17-94 (low; bug #689423)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Minor issue)
@@ -52702,7 +52655,6 @@
 CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...)
 	- eglibc <removed>
 	- glibc 2.17-94 (low; bug #687530)
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	[wheezy] - eglibc 2.13-38+deb7u1
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2012-4411 (The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ...)
@@ -55321,7 +55273,6 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/16
 CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ...)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- glibc <unfixed> (low; bug #681888)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
@@ -55331,7 +55282,6 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
 CVE-2012-3405 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...)
 	- eglibc <removed>
-	[jessie] - eglibc <not-affected> (eglibc replaced by glibc in jessie, workaround for #769128)
 	- glibc 2.13-35 (low; bug #681473)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
@@ -71947,8 +71897,6 @@
 CVE-2011-2393 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
 	- kfreebsd-7 <removed> (low)
 	- kfreebsd-8 <removed> (low)
-	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
-	[jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
 	[wheezy] - kfreebsd-8 <no-dsa> (Minor issue)
 	- kfreebsd-9 <removed> (low; bug #684072)




More information about the Secure-testing-commits mailing list