[Secure-testing-commits] r9929 - / data data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Oct 1 21:25:39 UTC 2008
Author: jmm-guest
Date: 2008-10-01 21:25:38 +0000 (Wed, 01 Oct 2008)
New Revision: 9929
Modified:
data/CVE/list
data/spu-candidates.txt
tmp.txt
Log:
more temp triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-01 21:14:13 UTC (rev 9928)
+++ data/CVE/list 2008-10-01 21:25:38 UTC (rev 9929)
@@ -607,6 +607,7 @@
NOT-FOR-US: Reciprocal Links Manager
CVE-2008-4085 (Plait before 1.6 allows local users to overwrite arbitrary files via a ...)
- plait 1.5.2-2 (low; bug #496381)
+ [etch] - plait <no-dsa> (Minor issue)
CVE-2008-4084 (SQL injection vulnerability in staticpages/easyclassifields/index.php ...)
NOT-FOR-US: MyioSoft EasyClassifields
CVE-2008-4083 (Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in ...)
@@ -1413,6 +1414,7 @@
- realtimebattle 1.0.8-8 (low; bug #496385)
CVE-2008-XXXX [mgt: insecure temp file]
- mgt 2.31-6 (low; bug #496434)
+ [etch] - mgt <no-dsa> (Minor issue)
CVE-2008-XXXX [twiki: insecure temp file]
- twiki 1:4.1.2-4 (low; bug #494648)
CVE-2008-XXXX [mafft: insecure temp file]
@@ -1425,8 +1427,10 @@
- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
CVE-2008-XXXX [sng: insecure temp file]
- sng 1.0.2-6 (low; bug #496407)
+ [etch] - sng <no-dsa> (Minor issue)
CVE-2008-XXXX [aview: insecure temp file]
- aview 1.3.0rc1-8.1 (low; bug #496422)
+ [etch] - aview <no-dsa> (Minor issue)
CVE-2008-XXXX [fwbuilder: insecure temp file]
- fwbuilder 2.1.19-5 (low; bug #496406)
CVE-2008-XXXX [feta: insecure temp file in to-upgrade plugin]
@@ -1436,6 +1440,7 @@
NOTE: Not enabled by default, needs manual modification of a script
CVE-2008-XXXX [cdcontrol: insecure temp file]
- cdcontrol <removed> (low; bug #496438)
+ [etch] - cdcontrol <no-dsa> (Minor issue)
CVE-2008-XXXX [sgml2x: insecure temp file]
- sgml2x 1.0.0-11.2 (low; bug #496368)
CVE-2008-XXXX [dtc-common: insecure temp file]
@@ -1446,6 +1451,7 @@
- xmcd 2.6-21 (low; bug #496416)
CVE-2008-XXXX [xcal: insecure temp file]
- xcal 4.1-19 (low; bug #496393)
+ [etch] - xcal <no-dsa> (Minor issue)
CVE-2008-XXXX [r-base: insecure temp file]
- r-base 2.7.2-1 (low; bug #496418)
- r-base-core-ra 1.1.1-2 (low; bug #496363)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2008-10-01 21:14:13 UTC (rev 9928)
+++ data/spu-candidates.txt 2008-10-01 21:25:38 UTC (rev 9929)
@@ -11,6 +11,11 @@
--
+aview
+#496422
+
+--
+
beagle (CVE-2005-4791)
notified maintainer
@@ -45,6 +50,11 @@
--
+cdcontrol
+#496438)
+
+--
+
cdrw-taper
#496380
@@ -162,6 +172,11 @@
--
+mgt
+#496434)
+
+--
+
mksh (CVE-2008-1845)
notified maintainer
@@ -190,6 +205,11 @@
--
+plait (CVE-2008-4085)
+#496381
+
+--
+
python-django (CVE-2007-5712)
http://media.djangoproject.com/patches/2007-10-26-security-fix/
#448838
@@ -219,6 +239,11 @@
--
+sng
+#496407)
+
+--
+
streamripper (CVE-2007-4337)
notified maintainer
@@ -270,6 +295,11 @@
--
+xcal
+#496393
+
+--
+
xemacs21 (CVE-2007-6109/CVE-2008-1694)
bug #457764, bug #476613
notified maintainer
Modified: tmp.txt
===================================================================
--- tmp.txt 2008-10-01 21:14:13 UTC (rev 9928)
+++ tmp.txt 2008-10-01 21:25:38 UTC (rev 9929)
@@ -34,11 +34,9 @@
Binary-package: openswan (1:2.4.12+dfsg-1.1)
Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1)
Binary-package: aptoncd (0.1-1.1)
- Binary-package: cdcontrol (1.90-1.1)
Binary-package: newsgate (1.6-23)
Binary-package: gpsdrive-scripts (2.10~pre4-3)
Binary-package: impose+ (0.2-11)
- Binary-package: mgt (2.31-5)
Binary-package: audiolink (0.05-1)
Binary-package: ibackup (2.27-4.1)
Binary-package: emacspeak (26.0-3)
@@ -48,7 +46,6 @@
Binary-package: lmbench (3.0-a7-1)
Binary-package: rancid-util (2.3.2~a8-1)
Binary-package: firehol (1.256-4)
- Binary-package: aview (1.3.0rc1-8)
Binary-package: radiance (3R9+20080530-3)
Binary-package: convirt (0.8.2-3)
Binary-package: printfilters-ppd (2.13-9)
@@ -61,7 +58,6 @@
Binary-package: scratchbox2 (1.99.0.24-1)
Binary-package: sendmail-base (8.14.3-5)
Binary-package: fwbuilder (2.1.19-3)
- Binary-package: sng (1.0.2-5)
Binary-package: dist (1:3.5-17-1)
Binary-package: sympa (5.3.4-5)
Binary-package: caudium (3:1.4.12-11)
@@ -72,7 +68,6 @@
Binary-package: arb-common (0.0.20071207.1-4)
Binary-package: qemu (0.9.1-5)
Binary-package: apertium (3.0.7+1-1+b1)
- Binary-package: xcal (4.1-18.3)
Binary-package: myspell-tools (1:3.1-20)
Binary-package: gccxml (0.9.0+cvs20080525-1)
Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
@@ -82,7 +77,6 @@
Binary-package: realtimebattle-common (1.0.8-7)
Binary-package: netmrg (0.20-1)
Binary-package: bulmages-servers (0.11.1-2)
- Binary-package: plait (1.5.2-1)
Binary-package: konwert-filters (1.8-11.1)
@@ -97,6 +91,12 @@
Binary-package: vdr-dbg (1.6.0-5)
Binary-package: digitaldj (0.7.5-6+b1)
Binary-package: xastir (1.9.2-1)
+ Binary-package: aview (1.3.0rc1-8)
+ Binary-package: xcal (4.1-18.3)
+ Binary-package: plait (1.5.2-1)
+ Binary-package: mgt (2.31-5)
+ Binary-package: sng (1.0.2-5)
+ Binary-package: cdcontrol (1.90-1.1)
Non-issues (not exploitable, only examples or very exotic use cases,
More information about the Secure-testing-commits
mailing list