[Secure-testing-commits] r12097 - data/CVE
Nico Golde
nion at alioth.debian.org
Wed Jun 10 21:34:58 UTC 2009
Author: nion
Date: 2009-06-10 21:34:57 +0000 (Wed, 10 Jun 2009)
New Revision: 12097
Modified:
data/CVE/list
Log:
CVE-2009-1296 non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-10 14:32:56 UTC (rev 12096)
+++ data/CVE/list 2009-06-10 21:34:57 UTC (rev 12097)
@@ -1912,7 +1912,10 @@
RESERVED
CVE-2009-1296 [ecrpytfs-utils: unencrypted passphrase stored on disk]
RESERVED
- - ecryptfs-utils <unfixed> (medium; bug #532372)
+ - ecryptfs-utils <unfixed> (unimportant; bug #532372)
+ NOTE: this is a non-issue as the debian installer doesn't support per user
+ NOTE: encrypted home directories with ecryptfs, so no passphrase is stored in the
+ NOTE: installer logs on disk
CVE-2009-1295 (Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu ...)
- apport <itp> (bug #383347)
CVE-2009-1294 (Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home ...)
More information about the Secure-testing-commits
mailing list