[Secure-testing-commits] r2502 - data/DSA
Florian Weimer
fw at costa.debian.org
Thu Oct 20 11:57:36 UTC 2005
Author: fw
Date: 2005-10-20 11:57:35 +0000 (Thu, 20 Oct 2005)
New Revision: 2502
Modified:
data/DSA/list
Log:
Add remarks regarding DSA-866-1 and CVE-2005-2968.
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2005-10-20 11:51:05 UTC (rev 2501)
+++ data/DSA/list 2005-10-20 11:57:35 UTC (rev 2502)
@@ -4,10 +4,13 @@
[sarge] - module-assistant 0.9sarge1
NOTE: fixed in testing at time of DSA
[20 Oct 2005] DSA-866-1 mozilla - several
- {CVE-2005-2871 CVE-2005-2701 CVE-2005-2702 CVE-2005-2703 CVE-2005-2704 CVE-2005-2705 CVE-2005-2706 CVE-2005-2707 CVE-2005-2968}
+ {CVE-2005-2871 CVE-2005-2701 CVE-2005-2702 CVE-2005-2703 CVE-2005-2704 CVE-2005-2705 CVE-2005-2706 CVE-2005-2707}
[woody] - mozilla <unfixed>
[sarge] - mozilla 1:1.7.8-1sarge3
NOTE: not fixed in testing at time of DSA (missing hppa, RC bugs)
+ NOTE: DSA claims to fix CVE-2005-2968 and contains a patch. But
+ NOTE: mozilla-browser 1.7.8-1sarge2 does not contain the
+ NOTE: wrapper script in a vulnerable version.
[13 Oct 2005] DSA-865-1 hylafax - insecure temporary files
{CVE-2005-3069}
- hylafax 1:4.2.2-1
More information about the Secure-testing-commits
mailing list