[Secure-testing-commits] r6359 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Sun Aug 19 20:24:41 UTC 2007
Author: stef-guest
Date: 2007-08-19 20:24:40 +0000 (Sun, 19 Aug 2007)
New Revision: 6359
Modified:
data/CVE/list
Log:
new issues fixed: libpam-usb, id3lib3.8.3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-19 10:43:37 UTC (rev 6358)
+++ data/CVE/list 2007-08-19 20:24:40 UTC (rev 6359)
@@ -1,3 +1,8 @@
+CVE-2007-XXXX [pam usb wrongly allows authentication without password in ssh sessions]
+ - libpam-usb 0.4.1-1 (medium)
+ NOTE: see http://sourceforge.net/mailarchive/forum.php?thread_name=7D75703BC8E1C149BF78A1E79AAAB169B8A2E4%40svits28.main.ad.rit.edu&forum_name=pamusb-devel
+CVE-2007-XXXX [id3lib insecure tempfile creation]
+ - id3lib3.8.3 3.8.3-7 (low; bug #438540)
CVE-2007-XXXX [lwat sometimes logs passwords in access.log]
- lwat 0.15-2 (low)
CVE-2007-4371 (Unrestricted file upload vulnerability in admin/pages/blog-add.php in ...)
More information about the Secure-testing-commits
mailing list