[Secure-testing-commits] r10780 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Mon Dec 22 22:18:52 UTC 2008
Author: white
Date: 2008-12-22 22:18:51 +0000 (Mon, 22 Dec 2008)
New Revision: 10780
Modified:
data/CVE/list
Log:
One tmp issue unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-22 21:14:11 UTC (rev 10779)
+++ data/CVE/list 2008-12-22 22:18:51 UTC (rev 10780)
@@ -763,7 +763,8 @@
- ppp <unfixed> (unimportant)
NOTE: insecure temp file handling in udeb is not an issue, since it is during the installation
CVE-2008-5366 (The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local ...)
- - ppp <unfixed> (low; bug #509488)
+ - ppp <unfixed> (unimportant; bug #509488)
+ NOTE: Package postinst isn't vulnerable, only .tmp files in /etc
CVE-2008-5365 (SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ...)
NOT-FOR-US: ActiveWebSoftwares
CVE-2008-5364 (Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx ...)
More information about the Secure-testing-commits
mailing list