[Secure-testing-commits] r8098 - in data: . CVE NMU

nion at alioth.debian.org nion at alioth.debian.org
Thu Feb 7 19:05:45 UTC 2008


Author: nion
Date: 2008-02-07 19:05:45 +0000 (Thu, 07 Feb 2008)
New Revision: 8098

Modified:
   data/CVE/list
   data/NMU/list
   data/embedded-code-copies
Log:
wml embeds libgd fork
insecure tmpfile handling fixed in wml 2.0.11-3.1


/usr/lib/subversion/hook-scripts/commit-email.pl: `/usr/bin/svnlook diff /svn/secure-testing -r 8098' failed with this output:
Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-02-07 18:53:05 UTC (rev 8097)
+++ data/CVE/list	2008-02-07 19:05:45 UTC (rev 8098)
@@ -307,7 +307,7 @@
 	NOTE: This enhances the fix for CVE-2006-3636.
 	NOTE: http://mail.python.org/pipermail/mailman-announce/2008-February/000095.html
 CVE-2008-XXXX [insecure tmp file usage in webwml]
-	- wml <unfixed> (low; bug #463907)
+	- wml 2.0.11-3.1 (low; bug #463907)
 	[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
 	NOTE: CVE id pending
 CVE-2008-XXXX [deluge-torrent unspecified remote issue]

Modified: data/NMU/list
===================================================================



More information about the Secure-testing-commits mailing list