[Secure-testing-commits] r3375 - data/CVE
Florian Weimer
fw at costa.debian.org
Thu Jan 26 17:06:03 UTC 2006
Author: fw
Date: 2006-01-26 17:05:57 +0000 (Thu, 26 Jan 2006)
New Revision: 3375
Modified:
data/CVE/list
Log:
CAN-2006-0043: buffer overflow in rpc.mountd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-26 13:08:59 UTC (rev 3374)
+++ data/CVE/list 2006-01-26 17:05:57 UTC (rev 3375)
@@ -1258,8 +1258,11 @@
CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]
- libjpeg6b 6b-11
[woody] - libjpeg6b <not-affected> (Does not include exifautotran)
-CVE-2006-0043
+CVE-2006-0043 [symlink-related buffer overflow in the user-space rpc.mountd]
RESERVED
+ - nfs-user-server <unfixed> (high; bug #350020)
+ NOTE: nfs-utils (kernel NFS server) is not affected
+ NOTE: (it uses PATH_MAX for the buffer passed to realpath).
CVE-2006-0042
RESERVED
CVE-2006-0041
More information about the Secure-testing-commits
mailing list