[Secure-testing-commits] r12531 - data/CVE
Nico Golde
nion at alioth.debian.org
Sun Aug 9 13:56:23 UTC 2009
Author: nion
Date: 2009-08-09 13:56:23 +0000 (Sun, 09 Aug 2009)
New Revision: 12531
Modified:
data/CVE/list
Log:
add todos for new items, please do that as well next time
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-09 13:55:11 UTC (rev 12530)
+++ data/CVE/list 2009-08-09 13:56:23 UTC (rev 12531)
@@ -4,11 +4,13 @@
- rubygems <not-affected>
NOTE: debian's version installs gems packages to /var/lib/gems,
NOTE: so no opportunity to overwrite system files
+ TODO: request CVE id
CVE-2009-XXXX [bugzilla: unauthorized bug modification]
- bugzilla 3.2.4-1 (low)
[etch] - bugzilla <no-dsa> (minor issue)
[lenny] - bugzilla <no-dsa> (minor issue)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495257
+ TODO: request CVE id
CVE-2009-XXXX [groff: insecure usage of gs]
- groff <unfixed> (low; bug #538338)
[etch] - groff <no-dsa> (minor issue)
@@ -22,12 +24,15 @@
CVE-2009-XXXX [netbase: wireless key logged]
- netbase <unfixed> (low; bug #540608)
TODO: follow-up with maintainer to find out if debian's version is affected or not
+ TODO: request CVE id
CVE-2009-XXXX [apache2: only first 8 characters used to validate password]
- apache2 <unfixed> (low; bug #539246)
CVE-2009-XXXX [gnudips: remote priviledge escalation]
- gnudips <unfixed> (medium; bug #539452)
+ TODO: request CVE id
CVE-2009-XXXX [xscreensaver: local screen lock bypassable via low resolution video devices]
- xscreensaver <unfixed> (low; bug #539699)
+ TODO: request CVE id
CVE-2009-XXXX [php5: remote information disclosure]
- php5 <unfixed> (medium; bug #540605)
TODO: determine affected versions
@@ -45,6 +50,7 @@
CVE-2009-XXXX [linux-2.6: md raid null pointer dereference (when sysfs available)]
- linux-2.6 <unfixed> (medium)
- linux-2.6.24 <removed>
+ NOTE: CVE id requested on oss-sec
CVE-2009-2710
RESERVED
CVE-2009-2709
More information about the Secure-testing-commits
mailing list