[Git][security-tracker-team/security-tracker][master] Update status for CVE-2013-4235/shadow

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 29 07:25:56 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77f1ac59 by Salvatore Bonaccorso at 2022-11-29T08:25:22+01:00
Update status for CVE-2013-4235/shadow

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -477422,7 +477422,16 @@ CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc
 CVE-2013-4236 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged  ...)
 	- vdsm <itp> (bug #668538)
 CVE-2013-4235 (shadow: TOCTOU (time-of-check time-of-use) race condition when copying ...)
-	- shadow <unfixed> (unimportant; bug #778950)
+	- shadow 1:4.12.3+dfsg1-1 (unimportant; bug #778950)
+	NOTE: https://github.com/shadow-maint/shadow/issues/317
+	NOTE: https://github.com/shadow-maint/shadow/pull/545
+	NOTE: https://github.com/shadow-maint/shadow/commit/e9ae247cb14f977d8881f481488843b10665dba8 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/f6f8bcd2a57c06983296485cc028ebdf467ebfd7 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/dab764d0195fc16d1d39330eee8a33e8917826d8 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/1d281273b149f2bb992d893d8ca9ffffddc95cc8 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/f606314f0c22fb5d13e5af17a70860d57559e808 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/6cbec2d0aa29d6d25e9eed007ded4e79eb637519 (4.12.2)
+	NOTE: https://github.com/shadow-maint/shadow/commit/faeab50e710131816b261de66141524898c2c487 (4.12.2)
 CVE-2013-4234 (Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2)  ...)
 	{DSA-2751-1}
 	- libmodplug 1:0.8.8.4-4 (bug #719462)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77f1ac59f8efe8d99f7b3822f2439c1767485a5f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77f1ac59f8efe8d99f7b3822f2439c1767485a5f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221129/c9cb7b22/attachment.htm>

More information about the debian-security-tracker-commits mailing list