[Secure-testing-commits] r16523 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Wed Apr 13 19:27:22 UTC 2011
Author: gilbert-guest
Date: 2011-04-13 19:27:20 +0000 (Wed, 13 Apr 2011)
New Revision: 16523
Modified:
data/CVE/list
Log:
new krb5 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-04-13 18:53:14 UTC (rev 16522)
+++ data/CVE/list 2011-04-13 19:27:20 UTC (rev 16523)
@@ -3862,8 +3862,10 @@
[squeeze] - ftpcopy <no-dsa> (Minor issue)
[lenny] - ftpcopy <no-dsa> (Minor issue)
NOTE: CVE ID requested
-CVE-2011-0285
+CVE-2011-0285 [kadmind double free]
RESERVED
+ - krb5 <unfixed> (bug #622681)
+ NOTE: advisory says only 1.7 and greater are affected, but it looks to me like the vulnerable code is in fact present in lenny's 1.6
CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in ...)
- krb5 1.8.3+dfsg-6 (low; bug #618517)
[squeeze] - krb5 <no-dsa> (Will be fixed through a point update)
More information about the Secure-testing-commits
mailing list