From 661e6c6d15aa9856b26f34185d1153e73a3dacd8 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 25 Apr 2024 23:04:30 +0200
Subject: Reference upstream commits for glibc issues

---
 data/CVE/list | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'data/CVE/list')

diff --git a/data/CVE/list b/data/CVE/list
index b49df0dc31..559ea1d2f4 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,21 +3,25 @@ CVE-2024-33602 [nscd: netgroup cache assumes NSS callback uses in-buffer strings
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31680
 	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
 	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+	NOTE: Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=c04a21e050d64a1193a6daab872bca2528bda44b
 CVE-2024-33601 [nscd: netgroup cache may terminate daemon on memory allocation failure]
 	- glibc <unfixed>
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31679
 	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
 	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+	NOTE: Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=c04a21e050d64a1193a6daab872bca2528bda44b
 CVE-2024-33600 [nscd: Null pointer dereferences after failed netgroup cache insertion]
 	- glibc <unfixed>
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31678
 	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
 	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+	NOTE: Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=b048a482f088e53144d26a61c390bed0210f49f2
 CVE-2024-33599 [nscd: netgroup cache: invalid memcpy under low memory/storage conditions]
 	- glibc <unfixed>
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31677
 	NOTE: https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/
 	NOTE: https://www.openwall.com/lists/oss-security/2024/04/24/2
+	NOTE: Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=87801a8fd06db1d654eea3e4f7626ff476a9bdaa
 CVE-2024-4175 (Unicode transformation vulnerability in Hyperion affecting version 2.0 ...)
 	NOT-FOR-US: Hyperion
 CVE-2024-4174 (Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affect ...)
-- 
cgit v1.2.3