[Secure-testing-commits] r14889 - in data: CVE NMU

Nico Golde nion at alioth.debian.org
Sun Jun 20 12:48:47 UTC 2010 

Author: nion
Date: 2010-06-20 12:48:44 +0000 (Sun, 20 Jun 2010)
New Revision: 14889

Modified:
   data/CVE/list
   data/NMU/list
Log:
CVE-2010-207{3,2} fixed in pyftpd 0.8.5
CVE-2010-0751 fixed in libnids 1.23-1.2
CVE-2009-4274 fixed in netpbm-free 2:10.0-12.2


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-20 12:12:03 UTC (rev 14888)
+++ data/CVE/list	2010-06-20 12:48:44 UTC (rev 14889)
@@ -593,10 +593,10 @@
 	[lenny] - w3m <no-dsa> (Minor issue)
 	TODO: File bug
 CVE-2010-2073 (auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and ...)
-	- pyftpd <unfixed> (low; bug #585776)
+	- pyftpd 0.8.5 (low; bug #585776)
 	[lenny] - pyftpd <no-dsa> (Minor issue)
 CVE-2010-2072 (Pyftpd 0.8.4 creates log files with predictable names in a temporary ...)
-	- pyftpd <unfixed> (low; bug #585773)
+	- pyftpd 0.8.5 (low; bug #585773)
 	[lenny] - pyftpd <no-dsa> (Minor issue)
 CVE-2010-2071 (The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the ...)
 	TODO: check
@@ -3125,7 +3125,7 @@
 CVE-2010-1145
 	REJECTED
 CVE-2010-0751 (The ip_evictor function in ip_fragment.c in libnids 1.24, as used in ...)
-	- libnids <unfixed> (low; bug #576281)
+	- libnids 1.23-1.2 (low; bug #576281)
 	[lenny] - libnids <no-dsa> (Minor issue)
 	NOTE: dsniff is the only software in Debian using this lib so the impact is pretty minor
 CVE-2010-1143 (Cross-site scripting (XSS) vulnerability in VMware View (formerly ...)
@@ -7282,7 +7282,7 @@
 	RESERVED
 CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm ...)
 	{DSA-2026-1 DTSA-206-1}
-	- netpbm-free <unfixed> (medium; bug #569060)
+	- netpbm-free 2:10.0-12.2 (medium; bug #569060)
 CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...)
 	- systemtap 1.1-1 (bug #568865)
 	[lenny] - systemtap <not-affected> (Server component not yet present)

Modified: data/NMU/list
===================================================================
--- data/NMU/list	2010-06-20 12:12:03 UTC (rev 14888)
+++ data/NMU/list	2010-06-20 12:48:44 UTC (rev 14889)
@@ -200,3 +200,5 @@
 2010-04-09 krb5 1.8+dfsg-1.1
 2010-04-12 gmime2.4 2.4.14-1+nmu1
 2010-06-10 prewikka 1.0.0-1.1
+2010-06-20 libnids 1.23-1.2
+2010-06-20 netpbm-free 2:10.0-12.2

More information about the Secure-testing-commits mailing list