[Secure-testing-commits] r10768 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Dec 21 19:54:08 UTC 2008
Author: nion
Date: 2008-12-21 19:54:07 +0000 (Sun, 21 Dec 2008)
New Revision: 10768
Modified:
data/CVE/list
Log:
CVE-2008-5369 fixed in no-ip 2.1.9-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-21 18:16:17 UTC (rev 10767)
+++ data/CVE/list 2008-12-21 19:54:07 UTC (rev 10768)
@@ -747,7 +747,7 @@
- pvpgn 1.8.1-2 (low; bug #509336)
[etch] - pvpgn <no-dsa> (Contrib not supported)
CVE-2008-5369 (noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files ...)
- - no-ip <unfixed> (unimportant; bug #509348)
+ - no-ip 2.1.9-1 (unimportant; bug #509348)
NOTE: original issue doesn't seem to be present, however there is a tmprace in the init
NOTE: script if it is used to debug with strace and a missing check for mkstemp failing
NOTE: but these situations are really corner cases
More information about the Secure-testing-commits
mailing list