Author: thijs Date: 2012-06-19 07:31:47 +0000 (Tue, 19 Jun 2012) New Revision: 19534 Modified: data/CVE/list Log: clarify affected status and meaning of fixed version Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-06-19 07:27:50 UTC (rev 19533) +++ data/CVE/list 2012-06-19 07:31:47 UTC (rev 19534) @@ -3371,6 +3371,8 @@ - mysql-5.5 5.5.24+dfsg-1 NOTE: https://www.secmaniac.com/blog/2012/06/11/massive-mysql-authentication-bypass-exploit/ NOTE: http://seclists.org/oss-sec/2012/q2/493 + NOTE: Issue only triggered with specific optimisation in glibc enabled; no builds in Debian known to be affected. + NOTE: Fixed versions indicate application of upstream patch which prevents issue regardless of opt.settings. CVE-2012-2121 (The KVM implementation in the Linux kernel before 3.3.4 does not ...) - linux-2.6 3.2.17-1 CVE-2012-2120 (latex2man in texlive-extra-utils 2011.20120322, and possibly other ...)