Re: [SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation
From: Cyril Brulebois <kibi@debian.org>
Date: Tue, 11 Jan 2011 21:10:39 +0100
Message-id: <[🔎] 20110111201039.GF24041@debian.org>
In-reply-to: <87tyhfp6fc.fsf@mid.deneb.enyo.de>
References: <87tyhfp6fc.fsf@mid.deneb.enyo.de>

Florian Weimer <fw@deneb.enyo.de> (11/01/2011):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-2122-2                   security@debian.org
> http://www.debian.org/security/                            Florian Weimer
> January 11, 2011                       http://www.debian.org/security/faq
> - -------------------------------------------------------------------------
> 
> Package        : glibc
> Vulnerability  : missing input sanitization
> Problem type   : local
> Debian-specific: no
> CVE ID         : CVE-2010-3847 CVE-2010-3856
> 
> Colin Watson discovered that the update for stable relased in
> DSA-2122-1 did not complete address the underlying security issue in
                            ↑ +ly

I obeyed the Reply-To, but maybe one should mail another address to
get typos fixed in the web version?

KiBi.

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: Bug#609641: sudo doesn't ask for password when only the GID is changed
Next by Date: Upcoming Lenny point release
Previous by thread: Re: Bug#609641: sudo doesn't ask for password when only the GID is changed
Next by thread: Re: [SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation
Index(es):
- Date
- Thread