[Secure-testing-commits] r10254 - in data: . CVE
white at alioth.debian.org
white at alioth.debian.org
Mon Nov 3 10:40:56 UTC 2008
Author: white
Date: 2008-11-03 10:40:55 +0000 (Mon, 03 Nov 2008)
New Revision: 10254
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
python issues are low priority; two don't affect etch, one no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-03 10:36:57 UTC (rev 10253)
+++ data/CVE/list 2008-11-03 10:40:55 UTC (rev 10254)
@@ -2,11 +2,14 @@
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent <unfixed>
CVE-2008-XXXX [epiphany-browser: Python scripts load modules from current directory]
- - epiphany-browser <unfixed> (bug #504363)
+ - epiphany-browser <unfixed> (bug #504363; low)
+ [etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)
CVE-2008-XXXX [csound: Python scripts load modules from current directory]
- - csound <unfixed> (bug #504359)
+ - csound <unfixed> (bug #504359; low)
+ [etch] - csound <not-affected> (Vulnerable code not present)
CVE-2008-XXXX [eog: Python scripts load modules from current directory]
- - eog <unfixed> (bug #504352)
+ - eog <unfixed> (bug #504352; low)
+ [etch] - eog <not-affected> (Vulnerable code not present)
CVE-2008-XXXX [smarty _expand_quoted_text security bypass]
- smarty <unfixed> (bug #504328)
- moodle <unfixed> (bug #504345)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2008-11-03 10:36:57 UTC (rev 10253)
+++ data/spu-candidates.txt 2008-11-03 10:40:55 UTC (rev 10254)
@@ -133,6 +133,11 @@
--
+epiphany-browser
+#504363
+
+--
+
exiv2 (CVE-2008-2696)
bug #486328
http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499
More information about the Secure-testing-commits
mailing list