[Git][security-tracker-team/security-tracker][master] Update information of (ancient) GlusterFS issue CVE-2012-5635

Salvatore Bonaccorso carnil at debian.org
Thu Nov 15 20:00:55 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de046490 by Salvatore Bonaccorso at 2018-11-15T19:57:56Z
Update information of (ancient) GlusterFS issue CVE-2012-5635

The unsafe use of /tmp issues were fixed a long time back with two
commits:

  http://git.gluster.org/cgit/glusterfs.git/commit/?id=b8d5fd2b88db7e18a10e57a0edf1a41eda4f5314 (v3.4.0qa8)

and

  http://git.gluster.org/cgit/glusterfs.git/commit/?id=11bb1fc5849a557d1a26e59bd651fbd0d07a1b8d (v3.5.0qa1)

with the first version in Debian 3.5.0 beeing the one including both.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -207534,7 +207534,9 @@ CVE-2012-5637
 CVE-2012-5636 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
 	NOT-FOR-US: Apache Wicket
 CVE-2012-5635 (The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...)
-	- glusterfs <unfixed> (unimportant; bug #704944)
+	- glusterfs 3.5.0-1 (unimportant; bug #704944)
+	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=b8d5fd2b88db7e18a10e57a0edf1a41eda4f5314 (v3.4.0qa8)
+	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=11bb1fc5849a557d1a26e59bd651fbd0d07a1b8d (v3.5.0qa1)
 	NOTE: Neutralised by kernel hardening
 CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ...)
 	{DSA-2636-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de0464902cfc4ab4450a63b9d84dc63324eec8bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de0464902cfc4ab4450a63b9d84dc63324eec8bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181115/f65f784f/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list