[Secure-testing-commits] r10425 - in data: CVE NMU

nion at alioth.debian.org nion at alioth.debian.org
Wed Nov 19 19:38:25 UTC 2008 

Author: nion
Date: 2008-11-19 19:38:24 +0000 (Wed, 19 Nov 2008)
New Revision: 10425

Modified:
   data/CVE/list
   data/NMU/list
Log:
universalindentgui insecure tmpfile usage fixed in 0.8.1-1.2
csound python insecure search path fixed in 5.08.2~dfsg-1.1
chillispot insecure tmpfile usage fixed in 1.0-10


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-19 19:15:58 UTC (rev 10424)
+++ data/CVE/list	2008-11-19 19:38:24 UTC (rev 10425)
@@ -358,7 +358,7 @@
 CVE-2008-4932 (webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 ...)
 	NOT-FOR-US: U-Mail Webmail server
 CVE-2008-XXXX [universalindentgui insecure usage of temp files]
-	- universalindentgui <unfixed> (low; bug #504726)
+	- universalindentgui 0.8.1-1.2 (low; bug #504726)
 CVE-2008-5032 (Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through ...)
 	{DTSA-176-1}
 	- vlc 0.8.6.h-5 (medium; bug #504639)
@@ -688,7 +688,7 @@
 	- epiphany-browser 2.22.3-7 (bug #504363; low)
 	[etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)
 CVE-2008-XXXX [csound: Python scripts load modules from current directory]
-	- csound <unfixed> (bug #504359; low)
+	- csound 5.08.2~dfsg-1.1 (bug #504359; low)
 	[lenny] - csound 1:5.08.0.dfsg2-8+lenny2 (bug #504359; low)
 	[etch] - csound <not-affected> (Vulnerable code not present)
 CVE-2008-XXXX [eog: Python scripts load modules from current directory]
@@ -2121,7 +2121,8 @@
 	- lighttpd 1.4.19-5 (medium)
 	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt
 CVE-2008-XXXX [unsafe usage of temp file]
-	- chillispot <unfixed> (low; bug #500181)
+	- chillispot 1.0-10 (low; bug #500181)
+	NOTE: the changelog doesn't mention the fix but its included in -10
 	[etch] - chillispot <no-dsa> (minor issue)
 CVE-2008-XXXX [unsafe usage of temp file]
 	- debtorrent <unfixed> (unimportant; bug #500180)

Modified: data/NMU/list
===================================================================
--- data/NMU/list	2008-11-19 19:15:58 UTC (rev 10424)
+++ data/NMU/list	2008-11-19 19:38:24 UTC (rev 10425)
@@ -127,3 +127,4 @@
 2008-10-07 ipsec-tools 0.7.1-1.2
 2008-11-03 vlc 0.8.6.h-4.1
 2008-11-05 hf 0.8-8.1
+2008-11-19 csound 5.08.2~dfsg-1.1

More information about the Secure-testing-commits mailing list