[Secure-testing-commits] r17850 - in data: . CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2011-12-22 18:36:06 +0000 (Thu, 22 Dec 2011)
New Revision: 17850

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
some sudo info

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-22 18:33:52 UTC (rev 17849)
+++ data/CVE/list	2011-12-22 18:36:06 UTC (rev 17850)
@@ -8137,6 +8137,8 @@
 	RESERVED
 	- shadow <unfixed> (bug #628843)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
+	- sudo <undetermined>
+	NOTE: ubuntu indicates sudo may also be affected, but that code is completely different, so that seems unlikely
 CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center (IMC) ...)
 	NOT-FOR-US: HP Intelligent Management Center (IMC)
 CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2011-12-22 18:33:52 UTC (rev 17849)
+++ data/embedded-code-copies	2011-12-22 18:36:06 UTC (rev 17850)
@@ -158,6 +158,8 @@
 	- python2.4 <unfixed> (embed; bug #553403)
 	- python2.5 <unfixed> (embed; bug #553403)
         - texlive-bin <unknown> (embed)
+        - sudo <unknown> (embed)
+        NOTE: source package embeds zlib but it isn't built and doesn't seem to be used anyway
 
 dulwich
         - hg-git 0.1.0-1 (embed; bug #541996)