[Secure-testing-commits] r2973 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Dec 7 15:47:15 UTC 2005
Author: jmm-guest
Date: 2005-12-07 15:47:07 +0000 (Wed, 07 Dec 2005)
New Revision: 2973
Modified:
data/CVE/list
Log:
correct libnet-server-perl/format string fix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-07 15:00:30 UTC (rev 2972)
+++ data/CVE/list 2005-12-07 15:47:07 UTC (rev 2973)
@@ -10429,7 +10429,10 @@
CVE-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow ...)
NOT-FOR-US: VHCS
CVE-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 ...)
- - libnet-server-perl 0.89-1
+ - libnet-server-perl 0.87-1
+ NOTE: This was already fixed in 0.87-1, although the changelog doesn't mention
+ NOTE: the security implication, which was noticed later. I've verified both fixes
+ NOTE: are identical
CVE-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 ...)
NOT-FOR-US: Free BSD
CVE-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in ...)
More information about the Secure-testing-commits
mailing list