[Secure-testing-commits] r11493 - data/DSA

gilbert-guest at alioth.debian.org gilbert-guest at alioth.debian.org
Mon Mar 30 20:45:07 UTC 2009 

Author: gilbert-guest
Date: 2009-03-30 20:45:07 +0000 (Mon, 30 Mar 2009)
New Revision: 11493

Modified:
   data/DSA/list
Log:
adding DSAs that were advisories for unfixed or end-of-life issues


Modified: data/DSA/list
===================================================================
--- data/DSA/list	2009-03-30 20:07:49 UTC (rev 11492)
+++ data/DSA/list	2009-03-30 20:45:07 UTC (rev 11493)
@@ -1,3 +1,18 @@
+[24 Mar 2009] DSA-1753-1 iceweasel - end-of-life announcement for iceweasel in oldstable
+        NOTE: <end-of-life> (upstream iceweasel too volatile, solution: upgrade to security-supported iceweasel in lenny)
+        NOTE: DSA issued to advise users to upgrade to lenny if they are interested in a security-supported iceweasel
+[08 Jul 2008] DSA-1605-1 glibc - DNS cache poisoning
+        {CVE-2008-1447}
+        NOTE: <unfixed> (backport too complicated, solution: install bind9 or use ip address spoofing protection)
+        NOTE: DSA issued as an avisory about actions user can take to protect against this vulnerability
+[08 Jul 2008] DSA-1604-1 bind - DNS cache poisoning
+        {CVE-2008-1447}
+        NOTE: <unfixed> (backport too complicated, solution: upgrade to bind9 or have bind8 forward queries to a bind9 resolver)
+        NOTE: DSA issued as an avisory about actions user can take to protect against this vulnerability
+[24 Mar 2008] DSA-1529-1 firebird - multiple vulnerabilities
+        {CVE-2008-0387 CVE-2008-0467 CVE-2006-7211 CVE-2007-4664 CVE-2007-4665 CVE-2007-4666 CVE-2007-4667 CVE-2007-4668 CVE-2007-4669 CVE-2007-3527 CVE-2007-3181 CVE-2007-2606 CVE-2006-7212 CVE-2006-7213 CVE-2006-7214}
+        NOTE: <unfixed> (backport too complicated, solution: use firebird packages in backports.org or isolate machine from internet)
+        NOTE: DSA issued as an advisory about actions user can take to protect against these vulnabilities
 [25 Sep 2006] DSA-1184-2 kernel-source-2.6.8 - several vulnerabilities
         {CVE-2004-2660 CVE-2005-4798 CVE-2006-1052 CVE-2006-1343 CVE-2006-1528 CVE-2006-1855 CVE-2006-1856 CVE-2006-2444 CVE-2006-2446 CVE-2006-2935 CVE-2006-2936 CVE-2006-3468 CVE-2006-3745 CVE-2006-4093 CVE-2006-4145 CVE-2006-4535}
         [sarge] - kernel-source-2.6.8 2.6.8-16sarge5

More information about the Secure-testing-commits mailing list