[Secure-testing-commits] r10119 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sun Oct 19 01:10:45 UTC 2008


Author: white
Date: 2008-10-19 01:10:44 +0000 (Sun, 19 Oct 2008)
New Revision: 10119

Modified:
   data/CVE/list
Log:
New strongswan issue reported to BTS; no-dsa for openswan

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-19 00:47:18 UTC (rev 10118)
+++ data/CVE/list	2008-10-19 01:10:44 UTC (rev 10119)
@@ -85,7 +85,7 @@
 CVE-2008-4552 (nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the ...)
 	- nfs-utils 1:1.1.3-1
 CVE-2008-4551 (strongSwan 4.2.6 and earlier allows remote attackers to cause a denial ...)
-	TODO: check
+	- strongswan <unfixed> (bug #502676)
 CVE-2008-4550
 	RESERVED
 CVE-2008-4549 (The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ...)
@@ -905,6 +905,7 @@
 	[etch] - emacspeak <no-dsa> (Minor issue)
 CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.4 and earlier allows local ...)
 	- openswan 1:2.4.12+dfsg-1.3 (bug #496374; low)
+	[etch] - openswan <no-dsa> (Vulnerable code only in example script)
 CVE-2008-XXXX [jumpnbump: insecure temp file]
 	- jumpnbump 1.50+dfsg1-1 (low; bug #500611)
 	[etch] - jumpnbump <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list