[Secure-testing-commits] r3765 - data/CVE
Joey Hess
joeyh at costa.debian.org
Thu Apr 6 23:04:44 UTC 2006
Author: joeyh
Date: 2006-04-06 23:04:38 +0000 (Thu, 06 Apr 2006)
New Revision: 3765
Modified:
data/CVE/list
Log:
add a note on CVE-2004-2265, dnprogs is not vulnerable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-06 22:58:59 UTC (rev 3764)
+++ data/CVE/list 2006-04-06 23:04:38 UTC (rev 3765)
@@ -10664,6 +10664,7 @@
NOT-FOR-US: Ansel
CVE-2004-2265 (UUDeview 0.5.20 and earlier handles temporary files insecurely during ...)
- uudeview <unfixed> (bug #320541; medium)
+ NOTE: uudeview apparetly not vulnerable, unsafe code is not called (#358500)
TODO: check libconvert-uulib-perl, Florian Weimer is looking at libconvert-uulib-perl
TODO: Check, to which extent #242999 applies (there might be more?)
CVE-2004-2264 (** DISPUTED ** ...)
More information about the Secure-testing-commits
mailing list