[Secure-testing-commits] r8098 - in data: . CVE NMU
nion at alioth.debian.org
nion at alioth.debian.org
Thu Feb 7 19:05:45 UTC 2008
Author: nion
Date: 2008-02-07 19:05:45 +0000 (Thu, 07 Feb 2008)
New Revision: 8098
Modified:
data/CVE/list
data/NMU/list
data/embedded-code-copies
Log:
wml embeds libgd fork
insecure tmpfile handling fixed in wml 2.0.11-3.1
/usr/lib/subversion/hook-scripts/commit-email.pl: `/usr/bin/svnlook diff /svn/secure-testing -r 8098' failed with this output:
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-07 18:53:05 UTC (rev 8097)
+++ data/CVE/list 2008-02-07 19:05:45 UTC (rev 8098)
@@ -307,7 +307,7 @@
NOTE: This enhances the fix for CVE-2006-3636.
NOTE: http://mail.python.org/pipermail/mailman-announce/2008-February/000095.html
CVE-2008-XXXX [insecure tmp file usage in webwml]
- - wml <unfixed> (low; bug #463907)
+ - wml 2.0.11-3.1 (low; bug #463907)
[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
NOTE: CVE id pending
CVE-2008-XXXX [deluge-torrent unspecified remote issue]
Modified: data/NMU/list
===================================================================
More information about the Secure-testing-commits
mailing list