[Secure-testing-commits] r12278 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sun Jul 5 19:15:24 UTC 2009
Author: gilbert-guest
Date: 2009-07-05 19:15:23 +0000 (Sun, 05 Jul 2009)
New Revision: 12278
Modified:
data/CVE/list
Log:
tracking some new minor issues; most not severe enough to warrant a dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-05 18:42:02 UTC (rev 12277)
+++ data/CVE/list 2009-07-05 19:15:23 UTC (rev 12278)
@@ -1,3 +1,16 @@
+CVE-2009-XXXX [xscreensaver: symlink attack enables local information disclosure]
+ - xscreensaver <not-affected> (does not run setuid in debian)
+ NOTE: http://bugs.debian.org/535870
+CVE-2009-XXXX [libdkim: signature parsing is not thread-safe]
+ - libdkim <unfixed> (low; bug #532740)
+CVE-2009-XXXX [libsndfile: potential dos via crafted input]
+ - libsndfile <unfixed> (low; bug #530831)
+ [etch] - libsndfile <no-dsa> (minor issue)
+ [lenny] - libsndfile <no-dsa> (minor issue)
+CVE-2009-XXXX [mimedecode: potential dos/crash due to invalid input]
+ - mimedecode <unfixed> (low; bug #530430)
+ [etch] - mimedecode <no-dsa> (minor issue)
+ [lenny] - mimedecode <no-dsa> (minor issue)
CVE-2009-XXXX [stardict: potential to broadcast clipboard contents across internet]
- stardict <unfixed> (low; bug #534731)
CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media ...)
More information about the Secure-testing-commits
mailing list