[Secure-testing-commits] r9971 - / data data/CVE

Fri Oct 3 18:12:00 UTC 2008

Author: jmm-guest
Date: 2008-10-03 18:11:57 +0000 (Fri, 03 Oct 2008)
New Revision: 9971

Modified:
   data/CVE/list
   data/spu-candidates.txt
   tmp.txt
Log:
more temp triage


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2008-10-03 18:07:47 UTC (rev 9970)
+++ data/CVE/list	2008-10-03 18:11:57 UTC (rev 9971)
@@ -1,3 +1,20 @@
+CVE-2008-XXXX [konwert: insecure temp file]
+	- konwert 1.8-11.2 (low; bug #496379)
+        [etch] - konwert <no-dsa> (Minor issue)
+CVE-2008-XXXX [wims: insecure temp file]
+	- wims <unfixed> (low; bug #496387)
+        [etch] - wims <no-dsa> (Minor issue)
+CVE-2008-XXXX [freeradius-dialupadmin: insecure temp file]
+	- freeradius 2.0.4+dfsg-6 (low; bug #496430)
+CVE-2008-XXXX [bk2site: insecure temp file]
+	- bk2site <unfixed> (unimportant; bug #496430)
+        NOTE: Only debug code, script needs to be edited to exploit this
+CVE-2008-XXXX [cman: insecure temp file]
+	- redhat-cluster <unfixed> (low; bug #496410)
+        [etch] - redhat-cluster <no-dsa> (Minor issue)
+CVE-2008-XXXX [scilab: insecure temp file]
+	- scilab 4.1.2-6 (low; bug #496414)
+        [etch] - scilab <no-dsa> (Non-free not supported)
 CVE-2008-4395
 	RESERVED
 CVE-2008-4394

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-10-03 18:07:47 UTC (rev 9970)
+++ data/spu-candidates.txt	2008-10-03 18:11:57 UTC (rev 9971)
@@ -133,6 +133,11 @@
 
 --
 
+konwert 
+#496379
+
+--
+
 libapache2-mod-perl2 (CVE-2007-1349)
 http://svn.apache.org/viewvc?view=rev&revision=521584
 #433549
@@ -237,6 +242,11 @@
 
 --
 
+redhat-cluster
+#496410
+
+--
+
 rsync (CVE-2007-6200)
 #453652
 notified maintainer
@@ -249,6 +259,11 @@
 
 --
 
+scilab
+#496414
+
+--
+
 sip-tester (CVE-2008-1959, CVE-2008-2085)
 #479039
 notified maintainer
@@ -313,6 +328,11 @@
 
 --
 
+wims 
+#496387
+
+--
+
 wyrd (CVE-2008-0806)
 bug #466382
 notified maintainer

Modified: tmp.txt
===================================================================
--- tmp.txt	2008-10-03 18:07:47 UTC (rev 9970)
+++ tmp.txt	2008-10-03 18:11:57 UTC (rev 9971)
@@ -35,15 +35,11 @@
  Binary-package: audiolink (0.05-1)
  Binary-package: ibackup (2.27-4.1)
  Binary-package: emacspeak (26.0-3)
- Binary-package: bk2site (1:1.1.9-3.1)
  Binary-package: emacs-jabber (0.7.91-1)
  Binary-package: rancid-util (2.3.2~a8-1)
- Binary-package: radiance (3R9+20080530-3)
  Binary-package: r-base-core (2.7.1-1)
- Binary-package: scilab-bin (4.1.2-5)
  Binary-package: dpkg-cross (2.3.0)
  Binary-package: ltp-network-test (20060918-2.1)
- Binary-package: cman (2.20080629-1)
  Binary-package: sendmail-base (8.14.3-5)
  Binary-package: fwbuilder (2.1.19-3)
  Binary-package: dist (1:3.5-17-1)
@@ -51,21 +47,19 @@
  Binary-package: mgetty-fax (1.1.36-1.2)
  Binary-package: aegis (4.24-3)
  Binary-package: aegis-web (4.24-3)
- Binary-package: mon (0.99.2-12)
  Binary-package: qemu (0.9.1-5)
  Binary-package: myspell-tools (1:3.1-20)
  Binary-package: gccxml (0.9.0+cvs20080525-1)
- Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
- Binary-package: wims (3.62-13)
  Binary-package: initramfs-tools (0.92f)
  Binary-package: netmrg (0.20-1)
  Binary-package: bulmages-servers (0.11.1-2)
- Binary-package: konwert-filters (1.8-11.1)
  Binary-package: caudium (3:1.4.12-11)
 
 
 DSA: (Name in brackets if someone prepares a DSA)
  Binary-package: feta (1.4.16)  (jmm)
+ Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
+ Binary-package: mon (0.99.2-12)
 
 
 SPU:
@@ -83,6 +77,9 @@
  Binary-package: xmcd (2.6-19.3)
  Binary-package: xsabre (0.2.4b-23)
  Binary-package: realtimebattle-common (1.0.8-2)
+ Binary-package: cman (2.20080629-1)
+ Binary-package: wims (3.62-13)
+ Binary-package: konwert-filters (1.8-11.1)
 
 
 Non-issues (not exploitable, only examples or very exotic use cases,
@@ -101,6 +98,8 @@
  Binary-package: mafft (6.240-1)
  Binary-package: liguidsoap (0.3.6-4)
  Binary-package: ampache (3.4.1-1)
+ Binary-package: scilab-bin (4.1.2-5)
+ Binary-package: bk2site (1:1.1.9-3.1)
 
 
 


