On Wed, 2015-02-11 at 22:11 +0100, Aurelien Jarno wrote: > Control: notfound -1 eglibc 2.13-38+deb7u7 > Control: fixed -1 eglibc/2.13-38+deb7u5 > > On 2015-01-29 23:53, Ben Hutchings wrote: > > Control: retitle -1 libc6: getaddrinfo() sends DNS queries to random file descriptors (CVE-2013-7423) > > Control: forwarded -1 https://sourceware.org/bugzilla/show_bug.cgi?id=15946 > > Control: severity -1 serious > > Control: found -1 eglibc 2.11.3-4+deb6u4 > > Control: found -1 eglibc 2.13-38+deb7u7 > > > > This bug came up again at > > <http://www.openwall.com/lists/oss-security/2015/01/28/16>. It still > > needs fixing in wheezy and squeeze-lts. > > It does NOT need to be fixed on wheezy, as it was already done a few > months ago as part of the 2.13-38+deb7u5 upload: [...] Sorry Aurelien, I assumed this was a 3.0 (quilt) package so I mistakenly looked at the unpatched source. Ben. -- Ben Hutchings Never attribute to conspiracy what can adequately be explained by stupidity.
Description: This is a digitally signed message part