[Secure-testing-commits] r2501 - in data: CVE DSA
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Oct 20 11:51:13 UTC 2005
Author: jmm-guest
Date: 2005-10-20 11:51:05 +0000 (Thu, 20 Oct 2005)
New Revision: 2501
Modified:
data/CVE/list
data/DSA/list
Log:
new module-assistant DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-10-20 11:19:24 UTC (rev 2500)
+++ data/CVE/list 2005-10-20 11:51:05 UTC (rev 2501)
@@ -310,8 +310,10 @@
RESERVED
CVE-2005-3122
RESERVED
-CVE-2005-3121
+CVE-2005-3121 [Insecure temp file generation in module-assistant]
RESERVED
+ - module-assistant 0.9.10
+ TODO: Check, whether this version really fixes the issue, it's not mentioned in the changelog
CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...)
- lynx <unfixed> (bug #334423; high)
- lynx-cur 2.8.6-16 (bug #334423; high)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2005-10-20 11:19:24 UTC (rev 2500)
+++ data/DSA/list 2005-10-20 11:51:05 UTC (rev 2501)
@@ -1,3 +1,8 @@
+[20 Oct 2005] DSA-867-1 module-assistant - insecure temporary file
+ {CVE-2005-3121}
+ [woody] - module-assistant <not-affected> (not part of Woody)
+ [sarge] - module-assistant 0.9sarge1
+ NOTE: fixed in testing at time of DSA
[20 Oct 2005] DSA-866-1 mozilla - several
{CVE-2005-2871 CVE-2005-2701 CVE-2005-2702 CVE-2005-2703 CVE-2005-2704 CVE-2005-2705 CVE-2005-2706 CVE-2005-2707 CVE-2005-2968}
[woody] - mozilla <unfixed>
More information about the Secure-testing-commits
mailing list