[Secure-testing-commits] r9264 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Tue Jul 8 22:55:53 UTC 2008
Author: jmm-guest
Date: 2008-07-08 22:55:52 +0000 (Tue, 08 Jul 2008)
New Revision: 9264
Modified:
data/CVE/list
Log:
sudo issue CVEfied (I'm keeping the original fix information,
since they were coming directly from upstream, please indicate
with a NOTE entry if you come to different results)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-08 22:36:48 UTC (rev 9263)
+++ data/CVE/list 2008-07-08 22:55:52 UTC (rev 9264)
@@ -1,7 +1,8 @@
CVE-2008-3068 (Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, ...)
NOT-FOR-US: Microsoft Crypto API
CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...)
- - sudo 1.6.8p12-2 (low)
+ - sudo 1.6.9p12-1
+ [etch] - sudo <not-affected> (Issue was introduced in 1.6.9)
CVE-2008-3066
RESERVED
CVE-2008-3065
@@ -468,9 +469,6 @@
CVE-2008-XXXX [werkzeug hashes its secret instead of using hmac]
- python-werkzeug 0.3.1-1 (unknown)
NOTE: http://lucumr.pocoo.org/cogitations/2008/06/24/werkzeug-031-released/
-CVE-2008-XXXX [sudo does not flush stdin on timeout]
- - sudo 1.6.9p12-1
- [etch] - sudo <not-affected> (Issue was introduced in 1.6.9)
CVE-2008-2841 (Argument injection vulnerability in XChat 2.8.7b and earlier on ...)
- xchat <not-affected> (Windows specific problem)
CVE-2008-2840 (Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and ...)
More information about the Secure-testing-commits
mailing list