[Secure-testing-commits] r9930 - / data data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Oct 1 21:35:40 UTC 2008
Author: jmm-guest
Date: 2008-10-01 21:35:38 +0000 (Wed, 01 Oct 2008)
New Revision: 9930
Modified:
data/CVE/list
data/spu-candidates.txt
tmp.txt
Log:
more tmp triage
it seems as if Dmitry didn't file bugs for all issues in his
MBF, the remaining ones need to be evaluated and filed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-01 21:25:38 UTC (rev 9929)
+++ data/CVE/list 2008-10-01 21:35:38 UTC (rev 9930)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [linuxtrade: insecure temp file]
+ - linuxtrade <removed> (unimportant; bug #496372)
+ NOTE: unimportant since the program is dysfunctional with the current
+ NOTE: trading website and thus not exploitable for practical purposes
CVE-2008-XXXX [digitaldj: insecure temp file]
- digitaldj 0.7.5-6.1 (low; bug #496399)
[etch] - digitaldj <no-dsa> (Minor issue)
@@ -1387,6 +1391,7 @@
- ruby1.9 1.9.0.2-6 (bug #497610)
CVE-2008-XXXX [apertium: insecure temp files]
- apertium 3.0.7+1-1.1 (low; bug #496395)
+ [etch] - apertium <no-dsa> (Minor issue)
CVE-2008-XXXX [convirt: insecure temp files]
- convirt <unfixed> (medium; bug #496419)
CVE-2008-XXXX [audiolink: insecure temp files]
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2008-10-01 21:25:38 UTC (rev 9929)
+++ data/spu-candidates.txt 2008-10-01 21:35:38 UTC (rev 9930)
@@ -5,6 +5,11 @@
--
+apertium
+#496395
+
+--
+
audacity (CVE-2007-6061)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
notified maintainer
Modified: tmp.txt
===================================================================
--- tmp.txt 2008-10-01 21:25:38 UTC (rev 9929)
+++ tmp.txt 2008-10-01 21:35:38 UTC (rev 9930)
@@ -15,6 +15,11 @@
a point update, oss-security should be better than a CNA pool since
there's a risk of collisions
+Packages for which Dmitry didn't file a bug so far:
+ Binary-package: datafreedom-perl (0.1.7-1)
+ Binary-package: printfilters-ppd (2.13-9)
+
+
Binary-package: r-base-core-ra (1.1.1-1)
Binary-package: rccp (0.9-2)
Binary-package: mafft (6.240-1)
@@ -27,7 +32,6 @@
Binary-package: dtc-common (0.29.6-1)
Binary-package: honeyd-common (1.5c-3)
Binary-package: lustre-tests (1.6.5-1)
- Binary-package: linuxtrade (3.65-8+b4)
Binary-package: freevo (1.8.1-0)
Binary-package: fml (4.0.3.dfsg-2)
Binary-package: rkhunter (1.3.2-3)
@@ -41,14 +45,12 @@
Binary-package: ibackup (2.27-4.1)
Binary-package: emacspeak (26.0-3)
Binary-package: bk2site (1:1.1.9-3.1)
- Binary-package: datafreedom-perl (0.1.7-1)
Binary-package: emacs-jabber (0.7.91-1)
Binary-package: lmbench (3.0-a7-1)
Binary-package: rancid-util (2.3.2~a8-1)
Binary-package: firehol (1.256-4)
Binary-package: radiance (3R9+20080530-3)
Binary-package: convirt (0.8.2-3)
- Binary-package: printfilters-ppd (2.13-9)
Binary-package: r-base-core (2.7.1-1)
Binary-package: xmcd (2.6-19.3)
Binary-package: scilab-bin (4.1.2-5)
@@ -67,7 +69,6 @@
Binary-package: mon (0.99.2-12)
Binary-package: arb-common (0.0.20071207.1-4)
Binary-package: qemu (0.9.1-5)
- Binary-package: apertium (3.0.7+1-1+b1)
Binary-package: myspell-tools (1:3.1-20)
Binary-package: gccxml (0.9.0+cvs20080525-1)
Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
@@ -97,6 +98,7 @@
Binary-package: mgt (2.31-5)
Binary-package: sng (1.0.2-5)
Binary-package: cdcontrol (1.90-1.1)
+ Binary-package: apertium (3.0.7+1-1+b1)
Non-issues (not exploitable, only examples or very exotic use cases,
@@ -107,6 +109,7 @@
Binary-package: openoffice.org-common (1:2.4.1-6)
Binary-package: postfix (2.5.2-2)
Binary-package: tiger (1:3.2.2-3.1)
+ Binary-package: linuxtrade (3.65-8+b4)
More information about the Secure-testing-commits
mailing list