[Secure-testing-commits] r31704 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Mon Jan 26 21:06:48 UTC 2015
Author: hertzog
Date: 2015-01-26 21:06:48 +0000 (Mon, 26 Jan 2015)
New Revision: 31704
Modified:
data/CVE/list
Log:
Mark file as not-affected on squeeze for http://bugs.gw.com/view.php?id=398
My reading of the code didn't find any possible out of bound access and
this has been confirmed by running valgrind on the file submitted to
upstream to reproduce the issue.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-26 21:06:41 UTC (rev 31703)
+++ data/CVE/list 2015-01-26 21:06:48 UTC (rev 31704)
@@ -3326,6 +3326,7 @@
NOTE: http://www.rabbitmq.com/release-notes/README-3.4.0.txt
CVE-2014-XXXX [out-of-bounds memory access]
- file 1:5.21+15-1
+ [squeeze] - file <not-affected> (The code was not vulnerable, confirmed with Valgrind on the test data submitted to upstream)
[wheezy] - file 5.11-2+deb7u7
- php5 <unfixed>
[wheezy] - php5 5.4.36-0+deb7u3
More information about the Secure-testing-commits
mailing list