[Secure-testing-team] Bug#725902: slim: CVE-2013-4412: NULL pointer dereference
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 9 20:33:07 UTC 2013
Package: slim
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for slim.
CVE-2013-4412[0]:
NULL ptr dereference
Upstream fix is at [1] and as eglibc (>= 2.17) is only in jessie and
unstable it does not affect oldstable and stable.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4412
http://security-tracker.debian.org/tracker/CVE-2013-4412
[1] http://git.berlios.de/cgi-bin/cgit.cgi/slim/commit/?id=fbdfae3b406b1bb6f4e5e440e79b9b8bb8f071f
Regards,
Salvatore
More information about the Secure-testing-team
mailing list