[Secure-testing-commits] r13969 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Sat Jan 30 11:13:13 UTC 2010 

Author: jmm-guest
Date: 2010-01-30 11:13:12 +0000 (Sat, 30 Jan 2010)
New Revision: 13969

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
ratbox fixed
filed bug for ytnef and fuse issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-30 06:37:45 UTC (rev 13968)
+++ data/CVE/list	2010-01-30 11:13:12 UTC (rev 13969)
@@ -323,7 +323,7 @@
 CVE-2010-0300 [ircd-ratbox: NULL pointer vulnerability]
 	RESERVED
 	{DSA-1980-1}
-	- ircd-ratbox <unfixed> (low; bug #567191)
+	- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
 CVE-2010-0299
 	RESERVED
 CVE-2010-0298
@@ -2810,7 +2810,8 @@
 	NOTE: All Debian kernels have MMU support enabled
 CVE-2009-3887 [ytnef path traversal]
 	RESERVED
-	- ytnef <unfixed>
+	- ytnef <unfixed> (bug filed)
+	[lenny] - ytnef <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
 	NOTE: This doesn't affect Evolution, the TNEF plugin is external
 CVE-2009-3886 (The Java Web Start implementation in Sun Java SE 6 before Update 17 ...)
@@ -3335,7 +3336,8 @@
 	NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
 CVE-2009-3721 [ytnef buffer overflow]
 	RESERVED
-	- ytnef <unfixed>
+	- ytnef <unfixed> (bug filed)
+	[lenny] - ytnef <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
 	NOTE: This doesn't affect Evolution, the TNEF plugin is external
 CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
@@ -4549,8 +4551,7 @@
 	NOTE: http://mahara.org/interaction/forum/topic.php?id=1169
 CVE-2009-3297 [mount race conditions]
 	RESERVED
-	- fuse <unfixed>
-	TODO: File bug
+	- fuse <unfixed> (bug filed)
 	- samba <unfixed> (bug #567554)
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=6853
 CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2010-01-30 06:37:45 UTC (rev 13968)
+++ data/spu-candidates.txt	2010-01-30 11:13:12 UTC (rev 13969)
@@ -440,6 +440,10 @@
 
 --
 
+ytnef (CVE-2009-3887, CVE-2009-3721)
+
+--
+
 ziproxy (CVE-2009-0804)
 #521051
 notified maintainer

More information about the Secure-testing-commits mailing list