[Secure-testing-commits] r9980 - / data data/CVE

Fri Oct 3 22:30:17 UTC 2008

Author: jmm-guest
Date: 2008-10-03 22:30:16 +0000 (Fri, 03 Oct 2008)
New Revision: 9980

Modified:
   data/CVE/list
   data/spu-candidates.txt
   tmp.txt
Log:
temp triage finished
feta CVEfied


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2008-10-03 21:14:12 UTC (rev 9979)
+++ data/CVE/list	2008-10-03 22:30:16 UTC (rev 9980)
@@ -1,3 +1,12 @@
+CVE-2008-XXXX [ibackup: insecure temp files]
+	- ibackup <removed> (low; bug #496432)
+        [etch] - ibackup <no-dsa> (Minor issues)
+CVE-2008-XXXX [aegis-web: insecure temp file]
+	- aegis 4.24-3.1 (low; bug #496400)
+        [etch] - aegis <no-dsa> (Minor issue)
+CVE-2008-XXXX [aegis: insecure temp files]
+	- aegis <unfixed> (unimportant; bug #496402)
+        NOTE: Only present in example scripts
 CVE-2008-4401
 	RESERVED
 CVE-2008-4400
@@ -1582,6 +1591,7 @@
 	[etch] - mgetty <no-dsa> (Minor issue)
 CVE-2008-XXXX [sympa: multiple insecure temp files]
 	- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
+        [etch] - sympa <no-dsa> (Minor issues)
 CVE-2008-XXXX [sng: insecure temp file]
 	- sng 1.0.2-6 (low; bug #496407)
 	[etch] - sng <no-dsa> (Minor issue)
@@ -1590,7 +1600,8 @@
 	[etch] - aview <no-dsa> (Minor issue)
 CVE-2008-XXXX [fwbuilder: insecure temp file]
 	- fwbuilder 2.1.19-5 (low; bug #496406)
-CVE-2008-XXXX [feta: insecure temp file in to-upgrade plugin]
+        [etch] - fwbuilder <no-dsa> (Minor issue)
+CVE-2008-4440 [feta: insecure temp file in to-upgrade plugin]
 	- feta 1.4.16+nmu1 (low; bug #496397)
 CVE-2008-XXXX [postfix: insecure temp file]
 	- postfix <unfixed> (unimportant; bug #496401)
@@ -1637,6 +1648,7 @@
 	- qemu 0.9.1-6 (low; bug #496394)
 CVE-2008-XXXX [rancid: insecure temp file]
 	- rancid 2.3.2~a8-2 (low; bug #496426)
+        [etch] - rancid <no-dsa> (Minor issue)
 CVE-2008-XXXX [vdr: insecure temp file]
 	- vdr 1.6.0-6 (low; bug #496421)
 	[etch] - vdr <not-affected> (Vulnerable code not present)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-10-03 21:14:12 UTC (rev 9979)
+++ data/spu-candidates.txt	2008-10-03 22:30:16 UTC (rev 9980)
@@ -11,6 +11,11 @@
 
 --
 
+aegis
+#496400
+
+--
+
 apertium
 #496395
 notified maintainer
@@ -145,6 +150,11 @@
 
 --
 
+fwbuilder
+#496406
+
+--
+
 gdrae
 #496378
 notified maintainer
@@ -280,6 +290,11 @@
 
 --
 
+rancid
+#496426
+
+--
+
 rccp
 #496364
 notified maintainer
@@ -359,6 +374,11 @@
 
 --
 
+sympa
+#496405; bug #494969
+
+--
+
 tintin++ (CVE-2008-0673 CVE-2008-0672 CVE-2008-0671)
 #465643
 notified maintainer

Modified: tmp.txt
===================================================================
--- tmp.txt	2008-10-03 21:14:12 UTC (rev 9979)
+++ tmp.txt	2008-10-03 22:30:16 UTC (rev 9980)
@@ -15,12 +15,6 @@
   a point update, oss-security should be better than a CNA pool since
   there's a risk of collisions
 
- Binary-package: ibackup (2.27-4.1)
- Binary-package: rancid-util (2.3.2~a8-1)
- Binary-package: fwbuilder (2.1.19-3)
- Binary-package: sympa (5.3.4-5)
- Binary-package: aegis (4.24-3)
- Binary-package: aegis-web (4.24-3)
 
 
 DSA: (Name in brackets if someone prepares a DSA)
@@ -32,6 +26,11 @@
 
 
 SPU:
+ Binary-package: ibackup (2.27-4.1)
+ Binary-package: sympa (5.3.4-5)
+ Binary-package: fwbuilder (2.1.19-3)
+ Binary-package: aegis-web (4.24-3)
+ Binary-package: rancid-util (2.3.2~a8-1)
  Binary-package: fml (4.0.3.dfsg-2)
  Binary-package: gdrae (0.1-1)
  Binary-package: cdrw-taper (0.4-2)
@@ -90,6 +89,7 @@
  Binary-package: printfilters-ppd (2.13-9)
  Binary-package: sendmail-base (8.14.3-5)
  Binary-package: gccxml (0.9.0+cvs20080525-1)
+ Binary-package: aegis (4.24-3)
 
 
 


