Author: carnil
Date: 2017-12-06 21:55:57 +0000 (Wed, 06 Dec 2017)
New Revision: 58311
Modified:
data/CVE/list
Log:
Add information for CVE-2017-17426/glibc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-06 21:41:05 UTC (rev 58310)
+++ data/CVE/list 2017-12-06 21:55:57 UTC (rev 58311)
@@ -251,12 +251,11 @@
CVE-2017-17427
RESERVED
CVE-2017-17426 (The malloc function in the GNU C Library (aka glibc or libc6)
2.26 ...)
- - glibc <unfixed>
- - eglibc <removed>
+ - glibc <not-affected> (Issue introduced in glibc-2.26 with addition of
per-thread cache to malloc)
+ - eglibc <not-affected> (Issue introduced in glibc-2.26 with addition
of per-thread cache to malloc)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22375
NOTE: Introduced by:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc
NOTE: Fixed by:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6
- TODO: check, verify the introducing commit
CVE-2017-1000410 [Info Leak in the Linux Kernel via Bluetooth]
- linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
