[Secure-testing-commits] r32760 - data/CVE

[Ben Hutchings]

Author: benh
Date: 2015-03-10 20:18:10 +0000 (Tue, 10 Mar 2015)
New Revision: 32760

Modified:
   data/CVE/list
Log:
Merge a CVE-2012-XXXX entry with CVE-2012-6689

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-10 19:15:57 UTC (rev 32759)
+++ data/CVE/list	2015-03-10 20:18:10 UTC (rev 32760)
@@ -2031,14 +2031,6 @@
 	[squeeze] - potrace <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=955808
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/06/12
-CVE-2012-XXXX [Incorrect validation of netlink message origin allows attackers to spoof netlink messages]
-	- linux 3.6.4-1
-	[wheezy] - linux 3.2.30-1
-	- linux-2.6 <removed>
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/06/13
-	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (3.6)
-	NOTE: Also fixed in 3.2.30
 CVE-2012-XXXX [Out-of heap-based buffer write in GIF encoder]
 	- byzanz <unfixed> (low; bug #778261)
 	[jessie] - byzanz <no-dsa> (Minor issue)
@@ -2048,8 +2040,11 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/06/11
 CVE-2012-6689 [incorrect validation of netlink message origin allows attackers to spoof netlink messages]
 	RESERVED
-	- linux 3.8.11-1
+	- linux 3.6.4-1
+	[wheezy] - linux 3.2.30-1
 	- linux-2.6 <removed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/06/13
 	NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (v3.6-rc5)
 CVE-2012-6687 (FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause ...)
 	- libfcgi 2.4.0-8.3 (bug #681591)