[Secure-testing-commits] r4244 - data/CVE

Fri Jun 16 18:31:48 UTC 2006

Author: stef-guest
Date: 2006-06-16 18:31:45 +0000 (Fri, 16 Jun 2006)
New Revision: 4244

Modified:
   data/CVE/list
Log:
CVE-2006-2449: new kdm issue
CVE-2006-2916: new artswrapper issue



Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-06-16 17:38:04 UTC (rev 4243)
+++ data/CVE/list	2006-06-16 18:31:45 UTC (rev 4244)
@@ -192,8 +192,10 @@
 	RESERVED
 CVE-2006-2917
 	RESERVED
-CVE-2006-2916
+CVE-2006-2916 [artswrapper local root]
 	RESERVED
+	- arts <unfixed> (bug filed; low)
+	NOTE: artswrapper is not suid root by default, but README.Debian describes it
 CVE-2006-2915
 	RESERVED
 CVE-2006-2914
@@ -1288,8 +1290,9 @@
 	RESERVED
 CVE-2006-2450
 	RESERVED
-CVE-2006-2449
+CVE-2006-2449 [kdm arbitrary file read via symlink]
 	RESERVED
+	- kdebase <unfixed> (bug filed; medium)
 CVE-2006-2448
 	RESERVED
 CVE-2006-2447 (SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...)


