[Secure-testing-commits] r5506 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Sun Mar 4 17:16:32 CET 2007
Author: stef-guest
Date: 2007-03-04 16:16:29 +0000 (Sun, 04 Mar 2007)
New Revision: 5506
Modified:
data/CVE/list
Log:
- new putty issue
- dropbear fixed in etch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-03-04 13:36:01 UTC (rev 5505)
+++ data/CVE/list 2007-03-04 16:16:29 UTC (rev 5506)
@@ -1,3 +1,6 @@
+CVE-2007-XXXX [puttygen can create world-readable private keys]
+ - putty <unfixed> (bug #400804; low)
+ [sarge] - putty <no-dsa> (minor issue)
CVE-2007-XXXX [asterisk remote SIP security hole]
- asterisk 1:1.2.16~dfsg-1
CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...)
@@ -128,6 +131,7 @@
NOT-FOR-US: Pickle
CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
- dropbear 0.49-1 (bug #412899)
+ [etch] - dropbear 0.48.1-2
CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...)
NOT-FOR-US: ScryMUD
CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...)
More information about the Secure-testing-commits
mailing list