[Secure-testing-commits] r13535 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sun Dec 13 01:32:35 UTC 2009


Author: gilbert-guest
Date: 2009-12-13 01:32:33 +0000 (Sun, 13 Dec 2009)
New Revision: 13535

Modified:
   data/CVE/list
Log:
gnome-screensaver and acpid issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-13 00:42:49 UTC (rev 13534)
+++ data/CVE/list	2009-12-13 01:32:33 UTC (rev 13535)
@@ -1,3 +1,5 @@
+CVE-2009-XXXX [gnome-screensaver vulnerability]
+	- gnome-screensaver <unfixed> (low; bug #560895)
 CVE-2009-XXXX [gif2png multiple buffer overflows parsing CLI arguments]
 	- gif2png 2.5.2-1 (low; bug #550978)
 	[etch] - gif2png <no-dsa> (minor issue)
@@ -602,7 +604,8 @@
 CVE-2009-4034
 	RESERVED
 CVE-2009-4033 (A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to ...)
-	TODO: check
+	- acpid <not-affected> (problem in redhat-specific patch; debian uses sensible permissions 0664)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=515062
 CVE-2009-4031 (The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 ...)
 	- linux-2.6 <unfixed> (low)
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)




More information about the Secure-testing-commits mailing list