[Secure-testing-commits] r15100 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Aug 2 04:46:03 UTC 2010
Author: jmm-guest
Date: 2010-08-02 04:45:59 +0000 (Mon, 02 Aug 2010)
New Revision: 15100
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
prewikka no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-02 04:24:34 UTC (rev 15099)
+++ data/CVE/list 2010-08-02 04:45:59 UTC (rev 15100)
@@ -2191,8 +2191,8 @@
- rpm 4.8.1-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...)
- - prewikka 1.0.0-1.1 (medium; bug #584469)
- NOTE: set to medium as this might as well expose the db administrator password
+ - prewikka 1.0.0-1.1 (low; bug #584469)
+ [lenny] - prewikka <no-dsa> (The insecure permissions only apply for a very short timeframe during pkg update)
CVE-2010-2057
RESERVED
CVE-2010-2056 (GNU gv before 3.7.0 allows local users to overwrite arbitrary files ...)
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2010-08-02 04:24:34 UTC (rev 15099)
+++ data/spu-candidates.txt 2010-08-02 04:45:59 UTC (rev 15100)
@@ -411,6 +411,12 @@
--
+prewikka (CVE-2010-2058)
+#584469
+
+
+--
+
puppet (CVE-2009-3564)
#551073
notified maintainer in initial bug report
More information about the Secure-testing-commits
mailing list