On Tue, Feb 01, 2011 at 09:19:53PM -0500, Michael Gilbert wrote:
reopen 600667
thanks
Maybe I'm reading things wrong, or maybe Mitre's information is
actually incorrect, but it looks like the fixes claimed for
CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead.
It looks
On Sat, Feb 05, 2011 at 02:20:14PM -0500, Michael Gilbert wrote:
Note that a new CVE id (CVE-2011-0536) has been assigned for a
vulnerability introduced by the patches for cve-2010-3847 [0]. It
sounds like this affects the recent DSAs. Please take a look at the
code and figure out what needs
Note that a new CVE id (CVE-2011-0536) has been assigned for a
vulnerability introduced by the patches for cve-2010-3847 [0]. It
sounds like this affects the recent DSAs. Please take a look at the
code and figure out what needs to be done to resolve these three
issues: CVE-2010-3847,
user release.debian@packages.debian.org
usertag 600667 squeeze-can-defer
tag 600667 squeeze-ignore
kthxbye
On Tue, Feb 1, 2011 at 21:19:53 -0500, Michael Gilbert wrote:
reopen 600667
thanks
Maybe I'm reading things wrong, or maybe Mitre's information is
actually incorrect, but it
Processing commands for cont...@bugs.debian.org:
user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
jcris...@debian.org).
usertag 600667 squeeze-can-defer
Bug#600667: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid
library
reopen 600667
thanks
Maybe I'm reading things wrong, or maybe Mitre's information is
actually incorrect, but it looks like the fixes claimed for
CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead.
It looks like CVE-2010-3847 [1] is still unfixed. The original fix in
-7 may have
6 matches
Mail list logo
