[Secure-testing-commits] r36802 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 23 14:53:21 UTC 2015
Author: carnil
Date: 2015-09-23 14:53:21 +0000 (Wed, 23 Sep 2015)
New Revision: 36802
Modified:
data/CVE/list
Log:
Update entry for CVE-2013-4122, the fix was lost at one point in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-23 11:38:15 UTC (rev 36801)
+++ data/CVE/list 2015-09-23 14:53:21 UTC (rev 36802)
@@ -54450,11 +54450,12 @@
[squeeze] - squid3 <not-affected> (Only affects 3.2 onwards)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_3.txt
CVE-2013-4122 (Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a ...)
- - cyrus-sasl2 2.1.25.dfsg1-14 (bug #716835)
+ - cyrus-sasl2 2.1.26.dfsg1-14 (bug #716835; bug #784112)
[wheezy] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later)
[squeeze] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later)
NOTE: http://openwall.com/lists/oss-security/2013/07/12/3
NOTE: http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
+ NOTE: Was originally already fixed in 2.1.25.dfsg1-14 (cf. #716835)
CVE-2013-4121
REJECTED
CVE-2013-4120
More information about the Secure-testing-commits
mailing list