[Secure-testing-commits] r8420 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Thu Mar 27 09:35:41 UTC 2008


Author: jmm-guest
Date: 2008-03-27 09:35:40 +0000 (Thu, 27 Mar 2008)
New Revision: 8420

Modified:
   data/CVE/list
Log:
new gnupg issue (who who've thought that having a horribly
  maintained gnupg might actually be good for something?)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-26 21:14:11 UTC (rev 8419)
+++ data/CVE/list	2008-03-27 09:35:40 UTC (rev 8420)
@@ -1,3 +1,11 @@
+CVE-2008-XXXX [gnupg key import memory corruption]
+	- gnupg <not-affected> (Only 1.4.8 is affected)
+        TODO: Verify that the next maintainer upload uses 1.4.9 directly
+        [etch] - gnupg <not-affected> (Only 1.4.8 is affected)
+        [sarge] - gnupg <not-affected> (Only 1.4.8 is affected)
+	- gnupg2 <unfixed> (bug filed)
+        [etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
+        [sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
 CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the admin ...)
 	TODO: check
 CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)




More information about the Secure-testing-commits mailing list