[Secure-testing-commits] r15282 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Tue Sep 7 12:43:12 UTC 2010
Author: jmm-guest
Date: 2010-09-07 12:43:10 +0000 (Tue, 07 Sep 2010)
New Revision: 15282
Modified:
data/CVE/list
Log:
new sudo issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-07 09:15:08 UTC (rev 15281)
+++ data/CVE/list 2010-09-07 12:43:10 UTC (rev 15282)
@@ -608,8 +608,11 @@
CVE-2010-2957 [serendipity xss]
RESERVED
- serendipity 1.5.3-2
-CVE-2010-2956
+CVE-2010-2956 [sudo issue]
RESERVED
+ - sudo <unfixed> (bug filed)
+ [lenny] - sudo <not-affected> (Only affects 1.7.x)
+ NOTE: http://www.sudo.ws/sudo/alerts/runas_group.html
CVE-2010-2955 [infoleak in wireless extensions]
RESERVED
- linux-2.6 <unfixed>
@@ -2007,7 +2010,7 @@
CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
NOT-FOR-US: Sleipnir
CVE-2008-7258 (** DISPUTED ** ...)
- - ssmtp <unfixed> (bug #591515)
+ - ssmtp <unfixed> (unimportant; bug #591515)
CVE-2008-7257 (CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
More information about the Secure-testing-commits
mailing list