[Secure-testing-commits] r10200 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Wed Oct 29 11:19:26 UTC 2008


Author: white
Date: 2008-10-29 11:19:25 +0000 (Wed, 29 Oct 2008)
New Revision: 10200

Modified:
   data/CVE/list
Log:
Add NOTE as explanation to lazarus issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-29 10:53:21 UTC (rev 10199)
+++ data/CVE/list	2008-10-29 11:19:25 UTC (rev 10200)
@@ -2514,6 +2514,8 @@
 	[etch] - vdr <not-affected> (Vulnerable code not present)
 CVE-2008-XXXX [lazarus: insecure temp file]
 	- lazarus 0.9.24-0-11 (unimportant; bug #496377)
+	NOTE: vulnerable script only called when updating the source
+	NOTE: thus neither actively used nor invoked automatically
 CVE-2008-XXXX [crossfire-maps: insecure temp file]
 	- crossfire-maps 1.11.0-2 (low; bug #496358)
 	[etch] - crossfire-maps <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list