[Secure-testing-commits] r10200 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Wed Oct 29 11:19:26 UTC 2008
Author: white
Date: 2008-10-29 11:19:25 +0000 (Wed, 29 Oct 2008)
New Revision: 10200
Modified:
data/CVE/list
Log:
Add NOTE as explanation to lazarus issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-29 10:53:21 UTC (rev 10199)
+++ data/CVE/list 2008-10-29 11:19:25 UTC (rev 10200)
@@ -2514,6 +2514,8 @@
[etch] - vdr <not-affected> (Vulnerable code not present)
CVE-2008-XXXX [lazarus: insecure temp file]
- lazarus 0.9.24-0-11 (unimportant; bug #496377)
+ NOTE: vulnerable script only called when updating the source
+ NOTE: thus neither actively used nor invoked automatically
CVE-2008-XXXX [crossfire-maps: insecure temp file]
- crossfire-maps 1.11.0-2 (low; bug #496358)
[etch] - crossfire-maps <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list