[Secure-testing-commits] r16502 - in data: . CVE

Nico Golde nion at alioth.debian.org
Sat Apr 9 18:13:56 UTC 2011


Author: nion
Date: 2011-04-09 18:13:44 +0000 (Sat, 09 Apr 2011)
New Revision: 16502

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
CVE-2011-1091 fixed in pidgin 2.7.11-1 (no-dsa)
new rsync issue (CVE-2011-1097)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-04-09 16:18:40 UTC (rev 16501)
+++ data/CVE/list	2011-04-09 18:13:44 UTC (rev 16502)
@@ -1526,7 +1526,7 @@
 CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in ...)
 	- logrotate <unfixed>
 CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ...)
-	TODO: check
+	- rsync <unfixed> (low; bug filed)
 CVE-2011-1096
 	RESERVED
 CVE-2011-1095 [glibc locale escaping issue]
@@ -1551,7 +1551,9 @@
 	NOTE: only exploitable by malicious scripts
 	NOTE: http://seclists.org/oss-sec/2011/q1/430
 CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ...)
-	TODO: check
+	- pidgin 2.7.11-1 (low)
+	[lenny] - pidgin <no-dsa> (Minor issue)
+	[squeeze] - pidgin <no-dsa> (Minor issue)
 CVE-2011-1090
 	RESERVED
 	- linux-2.6 2.6.38-1 (low)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-04-09 16:18:40 UTC (rev 16501)
+++ data/spu-candidates.txt	2011-04-09 18:13:44 UTC (rev 16502)
@@ -76,7 +76,7 @@
 
 --
 
-pidgin (CVE-2011-XXXX)
+pidgin (CVE-2011-XXXX, CVE-2011-1091)
 http://www.pidgin.im/news/security/?id=50
 
 --




More information about the Secure-testing-commits mailing list