[Secure-testing-commits] r8459 - in data: CVE DSA

thijs at alioth.debian.org thijs at alioth.debian.org
Mon Mar 31 22:09:16 UTC 2008


Author: thijs
Date: 2008-03-31 22:09:15 +0000 (Mon, 31 Mar 2008)
New Revision: 8459

Modified:
   data/CVE/list
   data/DSA/list
Log:
policyd-weight cveified


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-31 21:14:14 UTC (rev 8458)
+++ data/CVE/list	2008-03-31 22:09:15 UTC (rev 8459)
@@ -1,3 +1,8 @@
+CVE-2008-1570 [policyd-weight tempfile race]
+	- policyd-weight 0.1.14.17-1 (low)
+	NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
+CVE-2008-1569 [policyd-weight tempfile race]
+	- policyd-weight 0.1.14.17-1 (low)
 CVE-2008-XXXX [code execution via crafted file name in comix]
 	- comix <unfixed> (low; bug #462840)
 	NOTE: comix can't be used in a non-interactive setup thus the impact level
@@ -97,11 +102,6 @@
 	NOT-FOR-US: ASUS Remote Console
 CVE-2008-1490 (Buffer overflow in a certain Aurigma ActiveX control in ...)
 	NOT-FOR-US: ImageUploader4
-CVE-2008-XXXX [policyd-weight tempfile race]
-	- policyd-weight 0.1.14.17-1 (low)
-	[etch] - policyd-weight 0.1.14-beta-6etch2
-	NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
-	NOTE: CVE id pending
 CVE-2008-1489 (Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...)
 	{DTSA-119-1}
 	- vlc 0.8.6.e-1.1 (medium; bug #472635)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2008-03-31 21:14:14 UTC (rev 8458)
+++ data/DSA/list	2008-03-31 22:09:15 UTC (rev 8459)
@@ -15,8 +15,8 @@
 	{CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241}
 	[etch] - xulrunner 1.8.0.15~pre080323b-0etch1
 [27 Mar 2008] DSA-1531-2 policyd-weight - insecure temporary files
+	{CVE-2008-1569 CVE-2008-1570}
 	[etch] - policyd-weight 0.1.14-beta-6etch2
-	NOTE: CVE id still pending...
 [25 Mar 2008] DSA-1530-1 cupsys - multiple vulnerabilities
 	{CVE-2008-0047 CVE-2008-0882}
 	[etch] - cupsys 1.2.7-4etch3




More information about the Secure-testing-commits mailing list