[Secure-testing-commits] r26924 - data/CVE

Salvatore Bonaccorso Wed, 14 May 2014 12:23:34 -0700

Author: carnil
Date: 2014-05-14 19:23:01 +0000 (Wed, 14 May 2014)
New Revision: 26924


Modified:
   data/CVE/list
Log:
Add CVE-2012-6647/linux

The fix for 3.2.x is contained in 3.2.27, the first version in Debian
containing the comit thus is 3.2.29-1.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-05-14 15:47:59 UTC (rev 26923)
+++ data/CVE/list       2014-05-14 19:23:01 UTC (rev 26924)
@@ -1214,6 +1214,11 @@
        RESERVED
 CVE-2013-7369 (SQL injection vulnerability in an unspecified DLL in the 
FSDBCom ...)
        NOT-FOR-US: F-Secure Anti-Virus
+CVE-2012-6647 [forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null 
dereference]
+       - linux 3.2.29-1
+       - linux-2.6 <removed>
+       NOTE: Upstream fix: 
https://git.kernel.org/linus/6f7b0a2a5c0fb03be7c25bd1745baa50582348ef
+       NOTE: Introduced in 
https://git.kernel.org/linus/52400ba946759af28442dee6265c5c0180ac7122
 CVE-2012-6646 (F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation 
Security ...)
        NOT-FOR-US: F-Secure
 CVE-2014-XXXX [Insecure default permissions for ~/.virtualenvs and scripts]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r26924 - data/CVE

Reply via email to