[Secure-testing-commits] r9742 - in data: CVE DTSA
nion at alioth.debian.org
nion at alioth.debian.org
Thu Sep 4 10:52:22 UTC 2008
Author: nion
Date: 2008-09-04 10:52:20 +0000 (Thu, 04 Sep 2008)
New Revision: 9742
Modified:
data/CVE/list
data/DTSA/list
Log:
releasing DTSA-164-2 (newsbeuter)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-04 09:14:11 UTC (rev 9741)
+++ data/CVE/list 2008-09-04 10:52:20 UTC (rev 9742)
@@ -127,7 +127,7 @@
[lenny] - wordnet 3.0-11+lenny1
[etch] - wordnet 1:2.1-4+etch1
CVE-2008-XXXX [code execution in newsbeuter via crafted url when opened in external browser]
- [lenny] - newsbeuter 0.9.1-1+lenny2
+ [lenny] - newsbeuter 0.9.1-1+lenny3
- newsbeuter 1.2-1 (medium)
NOTE: medium as versions < 1.0-1 didn't include a patch to wrap long article URLs so the
NOTE: crafted part of the URL can be hidden. This of course only affects people not reading
Modified: data/DTSA/list
===================================================================
--- data/DTSA/list 2008-09-04 09:14:11 UTC (rev 9741)
+++ data/DTSA/list 2008-09-04 10:52:20 UTC (rev 9742)
@@ -481,3 +481,7 @@
[lenny] - wordnet 3.0-11+lenny1
[September 2nd, 2008] DTSA-164-1 newsbeuter - command injection
[lenny] - newsbeuter 0.9.1-1+lenny2
+[September 4th, 2008] DTSA-164-2 newsbeuter - command injection
+ [lenny] - newsbeuter 0.9.1-1+lenny3
+ NOTE: the preivous DTSA fixed the appended the URL twice
+
More information about the Secure-testing-commits
mailing list