[Git][security-tracker-team/security-tracker][master] Update information on two bind-dyndb-ldap issues

Fri, 28 Apr 2023 12:54:24 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
30d45675 by Salvatore Bonaccorso at 2023-04-28T21:53:29+02:00
Update information on two bind-dyndb-ldap issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -533017,7 +533017,9 @@ CVE-2012-3430 (The rds_recvmsg function in 
net/rds/recv.c in the Linux kernel be
        [squeeze] - linux-2.6 2.6.32-36
        NOTE: https://www.openwall.com/lists/oss-security/2012/07/26/3
 CVE-2012-3429 (The dns_to_ldap_dn_escape function in src/ldap_convert.c in 
bind-dyndb ...)
-       NOT-FOR-US: Dynamic LDAP backend plugin for BIND
+       - bind-dyndb-ldap <not-affected> (Fixed before initial upload to Debian)
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=842466
+       NOTE: 
https://pagure.io/bind-dyndb-ldap/c/f345805c73c294db42452ae966c48fbc36c48006 
(v2.0)
 CVE-2012-3428 (The IronJacamar container before 1.0.12.Final for JBoss 
Application Se ...)
        - jbossas4 <not-affected> (Only builds a few libraries, not the full 
application server)
 CVE-2012-3427 (EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application 
Platfor ...)
@@ -536375,7 +536377,10 @@ CVE-2012-2135 (The utf-16 decoder in Python 3.1 
through 3.3 does not update the
        - python3.3 3.3.1-1
        NOTE: http://bugs.python.org/issue14579
 CVE-2012-2134 (The handle_connection_error function in ldap_helper.c in 
bind-dyndb-ld ...)
-       NOT-FOR-US: Dynamic LDAP backend plugin for BIND
+       - bind-dyndb-ldap <not-affected> (Fixed before initial upload to Debian)
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=815846
+       NOTE: https://www.openwall.com/lists/oss-security/2012/04/24/14
+       NOTE: 
https://pagure.io/bind-dyndb-ldap/c/cd33194c5a61e98cba53212458cce02b849077ba 
(v1.1.0rc1)
 CVE-2012-2133 (Use-after-free vulnerability in the Linux kernel before 3.3.6, 
when hu ...)
        {DSA-2469-1}
        - linux-2.6 3.2.19-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d456756096fa9425747abcc7884df06c6a07b9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d456756096fa9425747abcc7884df06c6a07b9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to