[Secure-testing-commits] r2090 - data/DTSA/advs

[Micah Anderson]

Author: micah
Date: 2005-09-22 12:36:17 +0000 (Thu, 22 Sep 2005)
New Revision: 2090

Added:
   data/DTSA/advs/18-python2.2.adv
   data/DTSA/advs/19-kdelibs.adv
Removed:
   data/DTSA/advs/18-kdelibs.adv
   data/DTSA/advs/19-python2.2.adv
Log:
Bump kdelibs adv number


Deleted: data/DTSA/advs/18-kdelibs.adv
===================================================================
--- data/DTSA/advs/18-kdelibs.adv	2005-09-22 12:33:08 UTC (rev 2089)
+++ data/DTSA/advs/18-kdelibs.adv	2005-09-22 12:36:17 UTC (rev 2090)
@@ -1,15 +0,0 @@
-source: kdelibs
-date: September 13th, 2005
-author: Moritz Muehlenhoff
-vuln-type: insecure default permissions
-problem-scope: local
-debian-specifc: no
-cve: CAN-2005-1920
-vendor-advisory: 
-testing-fix: 4:3.3.2-6.1etch1
-sid-fix: 4:3.4.2-1
-upgrade: apt-get install kdelibs4
-
-kate always created backup files for edited files with default permissions,
-even if the original permissions were stricter. This could lead to information
-disclosure.
\ No newline at end of file

Copied: data/DTSA/advs/18-python2.2.adv (from rev 2089, data/DTSA/advs/19-python2.2.adv)

Copied: data/DTSA/advs/19-kdelibs.adv (from rev 2088, data/DTSA/advs/18-kdelibs.adv)

Deleted: data/DTSA/advs/19-python2.2.adv
===================================================================
--- data/DTSA/advs/19-python2.2.adv	2005-09-22 12:33:08 UTC (rev 2089)
+++ data/DTSA/advs/19-python2.2.adv	2005-09-22 12:36:17 UTC (rev 2090)
@@ -1,17 +0,0 @@
-source: python2.2
-date: September 22, 2005
-author: Micah Anderson
-vuln-type: integer overflow
-problem-scope: remote
-debian-specifc: no
-cve: CAN-2005-2491
-vendor-advisory: 
-testing-fix: 2.2.3dfsg-2sarge1
-sid-fix: 2.2.3dfsg-4
-upgrade: apt-get install python2.2
-
-An integer overflow with a subsequent buffer overflow has been detected
-in PCRE, the Perl Compatible Regular Expressions library, allowing
-a remote attacker to execute arbitrary code. This code is also present in Python.
-Exploiting this vulnerability requires an attacker to specify the used
-regular expression.