Author: jmm
Date: 2011-04-13 18:27:27 +0000 (Wed, 13 Apr 2011)
New Revision: 16521
Modified:
data/CVE/list
Log:
update glibc status, thanks to Arne Wichmann and Kees
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-04-13 05:52:40 UTC (rev 16520)
+++ data/CVE/list 2011-04-13 18:27:27 UTC (rev 16521)
@@ -3138,7 +3138,7 @@
CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
- mediawiki <not-affected> (Only affected when running on Windows or
Novell Netware)
CVE-2011-0536 (Multiple untrusted search path vulnerabilities in
elf/dl-object.c in ...)
- - eglibc <unfixed> (bug #600667)
+ - eglibc 2.11.2-8 (bug #600667)
- glibc <removed>
CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users
module in ...)
NOT-FOR-US: zikula
@@ -6780,10 +6780,8 @@
- linux-2.6 2.6.32-28
CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6)
...)
{DSA-2122-2 DSA-2122-1}
- - eglibc <unfixed> (bug #600667)
+ - eglibc 2.11.2-8 (bug #600667)
- glibc <removed>
- NOTE: http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
- NOTE: Initial -7 fix was incomplete, -8 fixes wrong CVE-2010-3856; this still
appears unfixed and there is now even CVE-2011-0536 for a new vuln introduced by
this CVE
CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in
CVS ...)
- cvs <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852