[Secure-testing-commits] r10034 - / data data/CVE

[jmm-guest at alioth.debian.org]

Author: jmm-guest
Date: 2008-10-07 21:19:21 +0000 (Tue, 07 Oct 2008)
New Revision: 10034

Modified:
   data/CVE/list
   data/spu-candidates.txt
   tmp.txt
Log:
CVE allocations and temp updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-07 13:30:57 UTC (rev 10033)
+++ data/CVE/list	2008-10-07 21:19:21 UTC (rev 10034)
@@ -138,10 +138,9 @@
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-4408 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, ...)
 	- mediawiki <unfixed> (low; bug #501115)
-CVE-2008-XXXX [ibackup: insecure temp files]
+CVE-2008-4475 [ibackup: insecure temp files]
 	- ibackup <removed> (low; bug #496432)
 	[etch] - ibackup <no-dsa> (Minor issues)
-	NOTE: CVE ID requested
 CVE-2008-XXXX [aegis-web: insecure temp file]
 	- aegis 4.24-3.1 (low; bug #496400)
 	[etch] - aegis <no-dsa> (Minor issue)
@@ -190,9 +189,8 @@
 CVE-2008-XXXX [wims: insecure temp file]
 	- wims <unfixed> (low; bug #496387)
 	[etch] - wims <no-dsa> (Minor issue)
-CVE-2008-XXXX [freeradius-dialupadmin: insecure temp file]
+CVE-2008-4474 [freeradius-dialupadmin: insecure temp file]
 	- freeradius 2.0.4+dfsg-6 (low; bug #496389)
-	NOTE: CVE ID requested
 CVE-2008-XXXX [bk2site: insecure temp file]
 	- bk2site <unfixed> (unimportant; bug #496430)
 	NOTE: Only debug code, script needs to be edited to exploit this
@@ -1764,10 +1762,9 @@
 CVE-2008-XXXX [mgetty: insecure temp files]
 	- mgetty 1.1.36-1.3 (low; bug #496403)
 	[etch] - mgetty <no-dsa> (Minor issue)
-CVE-2008-XXXX [sympa: multiple insecure temp files]
+CVE-2008-4476 [sympa: multiple insecure temp files]
 	- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
 	[etch] - sympa <no-dsa> (Minor issues)
-	NOTE: CVE ID requested
 CVE-2008-XXXX [sng: insecure temp file]
 	- sng 1.0.2-6 (low; bug #496407)
 	[etch] - sng <no-dsa> (Minor issue)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-10-07 13:30:57 UTC (rev 10033)
+++ data/spu-candidates.txt	2008-10-07 21:19:21 UTC (rev 10034)
@@ -158,6 +158,11 @@
 
 --
 
+freeradius (CVE-2008-4474)
+#496489
+
+--
+
 fwbuilder
 #496406
 notified maintainer

Modified: tmp.txt
===================================================================
--- tmp.txt	2008-10-07 13:30:57 UTC (rev 10033)
+++ tmp.txt	2008-10-07 21:19:21 UTC (rev 10034)
@@ -18,16 +18,15 @@
 
 
 DSA: (Name in brackets if someone prepares a DSA)
- Binary-package: feta (1.4.16)  (jmm) (CVE-2008-4440)
- Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4) 
  Binary-package: mon (0.99.2-12) (white)
  Binary-package: qemu (0.9.1-5)
  Binary-package: openswan (1:2.4.12+dfsg-1.1) (CVE-2008-4190)
 
 
 SPU:
- Binary-package: ibackup (2.27-4.1)
- Binary-package: sympa (5.3.4-5)
+ Binary-package: ibackup (2.27-4.1) (CVE-2008-4475)
+ Binary-package: sympa (5.3.4-5) (CVE-2008-4476)
+ Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4) (CVE-2008-4474)
  Binary-package: fwbuilder (2.1.19-3)
  Binary-package: aegis-web (4.24-3)
  Binary-package: rancid-util (2.3.2~a8-1)