[Secure-testing-commits] r2346 - in data: CAN DSA
Florian Weimer
fw at costa.debian.org
Sat Oct 8 08:32:57 UTC 2005
Author: fw
Date: 2005-10-08 08:32:52 +0000 (Sat, 08 Oct 2005)
New Revision: 2346
Modified:
data/CAN/list
data/DSA/list
Log:
Two new DSAs (masqmail and dia).
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-10-07 21:14:18 UTC (rev 2345)
+++ data/CAN/list 2005-10-08 08:32:52 UTC (rev 2346)
@@ -1309,9 +1309,9 @@
CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...)
NOT-FOR-US: Whisper
CAN-2005-2663 (masqmail before 0.2.18 allows local users to overwrite arbitrary files ...)
- - masqmail <unfixed> (low; bug #329307)
+ - masqmail 0.2.20-1sarge1 (low; bug #329307)
CAN-2005-2662 (masqmail before 0.2.18 allows remote attackers to execute arbitrary ...)
- - masqmail <unfixed> (high; bug #329307)
+ - masqmail 0.2.20-1sarge1 (high; bug #329307)
CAN-2005-2661
RESERVED
CAN-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2005-10-07 21:14:18 UTC (rev 2345)
+++ data/DSA/list 2005-10-08 08:32:52 UTC (rev 2346)
@@ -1,3 +1,11 @@
+[08 Oct 2005] DSA-848-1 masqmail - several
+ {CAN-2005-2662 CAN-2005-2663}
+ - masqmail 0.2.20-1sarge1
+ NOTE: not fixed in testing at time of DSA (not fixed in unstable)
+[08 Oct 2005] DSA-847-1 dia - missing input sanitising
+ {CAN-2005-2966}
+ - dia 0.94.0-15 (bug #330890; medium)
+ NOTE: not fixed in testing at time of DSA, missing sparc build, gcc-4.0
[07 Oct 2005] DSA-846-1 cpio - several
{CAN-2005-1111 CAN-2005-1229}
- cpio 2.6-6
More information about the Secure-testing-commits
mailing list