[Secure-testing-commits] r10761 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Dec 21 13:57:30 UTC 2008
Author: nion
Date: 2008-12-21 13:57:30 +0000 (Sun, 21 Dec 2008)
New Revision: 10761
Modified:
data/CVE/list
Log:
new no-ip issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-21 13:40:19 UTC (rev 10760)
+++ data/CVE/list 2008-12-21 13:57:30 UTC (rev 10761)
@@ -747,7 +747,10 @@
- pvpgn <unfixed> (low; bug #509336)
[etch] - pvpgn <no-dsa> (Contrib not supported)
CVE-2008-5369 (noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files ...)
- TODO: check
+ - no-ip <unfixed> (unimportant; bug #509348)
+ NOTE: original issue doesn't seem to be present, however there is a tmprace in the init
+ NOTE: script if it is used to debug with strace and a missing check for mkstemp failing
+ NOTE: but these situations are really corner cases
CVE-2008-5368 (muttprint in muttprint 0.72d allows local users to overwrite arbitrary ...)
TODO: check
CVE-2008-5367 (ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to ...)
More information about the Secure-testing-commits
mailing list