[Secure-testing-commits] r15338 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Sep 16 21:31:44 UTC 2010
Author: jmm-guest
Date: 2010-09-16 21:31:44 +0000 (Thu, 16 Sep 2010)
New Revision: 15338
Modified:
data/CVE/list
data/embedded-code-copies
Log:
- python2.7/expat code copy fixed in experimental
- encfs, moodle fixed
- remove openvpn entry, negligable security impact
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-16 21:14:45 UTC (rev 15337)
+++ data/CVE/list 2010-09-16 21:31:44 UTC (rev 15338)
@@ -817,13 +817,13 @@
NOTE: http://packetstormsecurity.org/1009-exploits/smbind-sql.txt
CVE-2010-3075
RESERVED
- - encfs <unfixed> (bug #595998)
+ - encfs 1.7.2-1 (bug #595998)
CVE-2010-3074
RESERVED
- - encfs <unfixed> (bug #595998)
+ - encfs 1.7.2-1 (bug #595998)
CVE-2010-3073
RESERVED
- - encfs <unfixed> (bug #595998)
+ - encfs 1.7.2-1 (bug #595998)
CVE-2010-3072
RESERVED
- squid3 <unfixed> (bug #596086)
@@ -2559,7 +2559,7 @@
{DSA-2067-1}
- php-htmlpurifier 4.1.1+dfsg1-1
- mahara 1.2.5-1
- - moodle <unfixed> (low; bug #593301)
+ - moodle 1.9.9.dfsg2-1 (low; bug #593301)
[lenny] - moodle <not-affected> (doesn't ship/use htmlpurifier)
- knowledgeroot 0.9.9.5-5
[lenny] - knowledgeroot <no-dsa> (low)
@@ -16829,10 +16829,6 @@
- apache2 2.2.9-1 (low; bug #535886)
[etch] - apache2 2.2.3-4+etch8
NOTE: fixed in etch in DSA-1816-1
-CVE-2009-XXXX [openvpn: possible symlink attack via client-connect script]
- - openvpn <unfixed> (low; bug #534908)
- [lenny] - openvpn <no-dsa> (Minor issue)
- [etch] - openvpn <no-dsa> (Minor issue)
CVE-2009-XXXX [xscreensaver: symlink attack enables local information disclosure]
- xscreensaver <not-affected> (does not run setuid in debian)
NOTE: http://bugs.debian.org/535870
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2010-09-16 21:14:45 UTC (rev 15337)
+++ data/embedded-code-copies 2010-09-16 21:31:44 UTC (rev 15338)
@@ -1170,6 +1170,7 @@
- python-xml <unfixed> (embed; bug #551940) [./extensions/expat/*]
- python2.5 <unfixable> (embed; bug #553403) [./Modules/expat/*]
- python2.4 <unfixable> (embed; bug #553403)
+ - python2.7 2.7-6 (embed)
- python-4suite <unfixed> (embed; bug #516935)
- wxwindows2.4 <removed> (embed)
- wxwidgets2.6 2.6.3.2.2-4 (embed)
More information about the Secure-testing-commits
mailing list