[Secure-testing-commits] r15338 - in data: . CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Thu Sep 16 21:31:44 UTC 2010 

Author: jmm-guest
Date: 2010-09-16 21:31:44 +0000 (Thu, 16 Sep 2010)
New Revision: 15338

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
- python2.7/expat code copy fixed in experimental
- encfs, moodle fixed
- remove openvpn entry, negligable security impact


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-16 21:14:45 UTC (rev 15337)
+++ data/CVE/list	2010-09-16 21:31:44 UTC (rev 15338)
@@ -817,13 +817,13 @@
 	NOTE: http://packetstormsecurity.org/1009-exploits/smbind-sql.txt
 CVE-2010-3075
 	RESERVED
-	- encfs <unfixed> (bug #595998)
+	- encfs 1.7.2-1 (bug #595998)
 CVE-2010-3074
 	RESERVED
-	- encfs <unfixed> (bug #595998)
+	- encfs 1.7.2-1 (bug #595998)
 CVE-2010-3073
 	RESERVED
-	- encfs <unfixed> (bug #595998)
+	- encfs 1.7.2-1 (bug #595998)
 CVE-2010-3072
 	RESERVED
 	- squid3 <unfixed> (bug #596086)
@@ -2559,7 +2559,7 @@
 	{DSA-2067-1}
 	- php-htmlpurifier 4.1.1+dfsg1-1
 	- mahara 1.2.5-1
-	- moodle <unfixed> (low; bug #593301)
+	- moodle 1.9.9.dfsg2-1 (low; bug #593301)
 	[lenny] - moodle <not-affected> (doesn't ship/use htmlpurifier)
 	- knowledgeroot 0.9.9.5-5
 	[lenny] - knowledgeroot <no-dsa> (low)
@@ -16829,10 +16829,6 @@
 	- apache2 2.2.9-1 (low; bug #535886)
 	[etch] - apache2 2.2.3-4+etch8
 	NOTE: fixed in etch in DSA-1816-1
-CVE-2009-XXXX [openvpn: possible symlink attack via client-connect script]
-	- openvpn <unfixed> (low; bug #534908)
-	[lenny] - openvpn <no-dsa> (Minor issue)
-	[etch] - openvpn <no-dsa> (Minor issue)
 CVE-2009-XXXX [xscreensaver: symlink attack enables local information disclosure]
 	- xscreensaver <not-affected> (does not run setuid in debian)
 	NOTE: http://bugs.debian.org/535870

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-09-16 21:14:45 UTC (rev 15337)
+++ data/embedded-code-copies	2010-09-16 21:31:44 UTC (rev 15338)
@@ -1170,6 +1170,7 @@
 	- python-xml <unfixed> (embed; bug #551940) [./extensions/expat/*]
 	- python2.5 <unfixable> (embed; bug #553403) [./Modules/expat/*]
 	- python2.4 <unfixable> (embed; bug #553403)
+	- python2.7 2.7-6 (embed)
 	- python-4suite <unfixed> (embed; bug #516935)
 	- wxwindows2.4 <removed> (embed)
 	- wxwidgets2.6 2.6.3.2.2-4 (embed)

More information about the Secure-testing-commits mailing list