[Secure-testing-commits] r3739 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Apr 3 23:44:47 UTC 2006


Author: jmm-guest
Date: 2006-04-03 23:44:40 +0000 (Mon, 03 Apr 2006)
New Revision: 3739

Modified:
   data/CVE/list
   data/DSA/list
Log:
new dsa
two rpath issues fixed
fixed syntax of busybox entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-03 21:14:26 UTC (rev 3738)
+++ data/CVE/list	2006-04-03 23:44:40 UTC (rev 3739)
@@ -233,10 +233,10 @@
 	- subversion 1.3.0-5 (bug #359234; low)
 	[sarge] - subversion <not-affected> (No rpaths set in Sarge)
 CVE-2006-XXXX [libtunepimp rpath set to /tmp]
-	- libtunepimp <unfixed> (bug #359241; low)
+	- libtunepimp 0.4.2-3 (bug #359241; low)
 	[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
 CVE-2006-XXXX [gpib rpath set to /tmp]
-	- gpib <unfixed> (bug #359239; low)
+	- gpib 3.2.06-3 (bug #359239; low)
 	[sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge)
 CVE-2006-XXXX [fftw rpath set to user home]
 	- fftw <unfixed> (bug #358157; low)
@@ -1204,7 +1204,7 @@
 	[sarge] - samba <not-affected>
 CVE-2006-1058
 	RESERVED
-	- busybox (unfixed; low; bug #360578)
+	- busybox <unfixed> low; bug #360578)
 CVE-2006-1057
 	RESERVED
 CVE-2006-1056
@@ -17692,6 +17692,7 @@
 CVE-2004-1617 (Lynx allows remote attackers to cause a denial of service (infinite ...)
 	NOTE: This is fixed in lynx-cur, maybe a fix can be extracted from there
 	- lynx <unfixed> (bug #296340; low)
+	[sarge] - lynx <no-dsa> (Unimportant for a single-instance browser like Lynx)
 	- lynx-cur 2.8.6-6 (low)
 CVE-2004-1616 (Links allows remote attackers to cause a denial of service (memory ...)
 	- links 0.99+1.00pre12-1 (bug #296341; low) 

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-04-03 21:14:26 UTC (rev 3738)
+++ data/DSA/list	2006-04-03 23:44:40 UTC (rev 3739)
@@ -1,3 +1,6 @@
+[04 Apr 2006] DSA-1022-1 storebackup - several
+	{CVE-2005-3146 CVE-2005-3147 CVE-2005-3148}
+	[sarge] - storebackup 1.18.4-2sarge1
 [28 Mar 2006] DSA-1021-1 netpbm-free - insecure program execution
 	{CVE-2005-2471}
 	[woody] - netpbm-free 2:9.20-8.6




More information about the Secure-testing-commits mailing list