[Secure-testing-commits] r14098 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Sun Feb 14 11:08:05 UTC 2010 

Author: jmm-guest
Date: 2010-02-14 11:07:56 +0000 (Sun, 14 Feb 2010)
New Revision: 14098

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
- mount.cifs no longer setuid root
- ytnef removed
- cvsnt code copy fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-14 01:21:32 UTC (rev 14097)
+++ data/CVE/list	2010-02-14 11:07:56 UTC (rev 14098)
@@ -258,7 +258,7 @@
 CVE-2010-0548 (Multiple unspecified vulnerabilities in the Network Controller and Web ...)
 	NOT-FOR-US: Xerox WorkCentre
 CVE-2010-0547 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ...)
-	- samba <unfixed> (bug #568942; medium)
+	- samba 2:3.4.5~dfsg-2 (bug #568942; medium)
 CVE-2010-0546
 	RESERVED
 CVE-2010-0545
@@ -3485,7 +3485,7 @@
 	NOTE: All Debian kernels have MMU support enabled
 CVE-2009-3887 [ytnef path traversal]
 	RESERVED
-	- ytnef <unfixed> (bug #567631)
+	- ytnef <removed> (bug #567631)
 	[lenny] - ytnef <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
 	NOTE: This doesn't affect Evolution, the TNEF plugin is external
@@ -3871,7 +3871,7 @@
 	- collectd 4.8.2-1 (low; bug #559801)
 	[lenny] - collectd <no-dsa> (Minor issue)
 	[etch] - collectd <no-dsa> (Minor issue)
-	- cvsnt <unfixed> (low; bug #559803)
+	- cvsnt 2.5.04.3236-1.2 (low; bug #559803)
 	[etch] - cvsnt <no-dsa> (Minor issue)
 	[lenny] - cvsnt <no-dsa> (Minor issue)
 	- ggobi 2.1.9~20091212-1 (low; bug #559806)
@@ -4013,7 +4013,7 @@
 	NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
 CVE-2009-3721 [ytnef buffer overflow]
 	RESERVED
-	- ytnef <unfixed> (bug #567631)
+	- ytnef <removed> (bug #567631)
 	[lenny] - ytnef <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
 	NOTE: This doesn't affect Evolution, the TNEF plugin is external
@@ -5223,7 +5223,7 @@
 	RESERVED
 	{DSA-1989-1}
 	- fuse 2.8.1-1.2 (bug #567633)
-	- samba <unfixed> (bug #567554)
+	- samba 2:3.4.5~dfsg-2 (bug #567554)
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=6853
 CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...)
 	{DSA-1912-2 DSA-1912-1}

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-02-14 01:21:32 UTC (rev 14097)
+++ data/embedded-code-copies	2010-02-14 11:07:56 UTC (rev 14098)
@@ -1576,7 +1576,7 @@
 	- collectd 4.8.2-1 (embed)
 	- courier-authlib 0.58-4 (embed)
         NOTE: The etch version of courier-authlib was the earliest version checked, might be fixed earlier
-	- cvsnt <unfixed> (embed)
+	- cvsnt 2.5.04.3236-1.2 (embed)
 	- dico <not-affected> (Uses the system copy of ltdl)
 	- freeradius 0.1+20010527-1 (embed)
         NOTE: Earliest reference I could find from the changelog is from 27 May 2001

More information about the Secure-testing-commits mailing list