[Secure-testing-commits] r58311 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 6 21:55:57 UTC 2017
Author: carnil
Date: 2017-12-06 21:55:57 +0000 (Wed, 06 Dec 2017)
New Revision: 58311
Modified:
data/CVE/list
Log:
Add information for CVE-2017-17426/glibc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-06 21:41:05 UTC (rev 58310)
+++ data/CVE/list 2017-12-06 21:55:57 UTC (rev 58311)
@@ -251,12 +251,11 @@
CVE-2017-17427
RESERVED
CVE-2017-17426 (The malloc function in the GNU C Library (aka glibc or libc6) 2.26 ...)
- - glibc <unfixed>
- - eglibc <removed>
+ - glibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
+ - eglibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22375
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6
- TODO: check, verify the introducing commit
CVE-2017-1000410 [Info Leak in the Linux Kernel via Bluetooth]
- linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
More information about the Secure-testing-commits
mailing list