[Secure-testing-commits] r980 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Wed, 04 May 2005 08:44:02 +0000
Author: jmm-guest
Date: 2005-05-04 08:43:56 +0000 (Wed, 04 May 2005)
New Revision: 980
Modified:
sarge-checks/CAN/list
Log:
bzip2 fixedbzip2 fixed.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-04 02:44:47 UTC (rev 979)
+++ sarge-checks/CAN/list 2005-05-04 08:43:56 UTC (rev 980)
@@ -1096,7 +1096,7 @@
CAN-2005-0954 (Windows Explorer and Internet Explorer in Windows 2000 SP1 allows ...)
NOTE: not-for-us (Windows)
CAN-2005-0953 (Race condition in bzip2 1.0.2 and earlier allows local users to modify ...)
- - bzip2 (unfixed; bug #303300)
+ - bzip2 1.0.2-6
NOTE: This "vulnerability" is only exploitable under rarest circumstances: A (local)
NOTE: attacker would have to exploit the minimal time span between uncompressing
NOTE: the file and chmodding it to delete the file and place a hardlink to another