[Secure-testing-commits] r17427 - data data/CVE hardening

Moritz Muehlenhoff jmm at alioth.debian.org
Sat Oct 15 16:08:33 UTC 2011 

Author: jmm
Date: 2011-10-15 16:08:32 +0000 (Sat, 15 Oct 2011)
New Revision: 17427

Modified:
   data/CVE/list
   data/next-point-update.txt
   hardening/subgoal-dsa.txt
Log:
etherape fixed in sid and spu


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-15 04:18:22 UTC (rev 17426)
+++ data/CVE/list	2011-10-15 16:08:32 UTC (rev 17427)
@@ -1840,7 +1840,7 @@
 CVE-2011-3370
 	RESERVED
 CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before ...)
-	- etherape <unfixed> (low; bug #645324)
+	- etherape 0.9.12-1 (low; bug #645324)
 	[lenny] - etherape <no-dsa> (Minor issue)
 	[squeeze] - etherape <no-dsa> (Minor issue)
 CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, ...)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2011-10-15 04:18:22 UTC (rev 17426)
+++ data/next-point-update.txt	2011-10-15 16:08:32 UTC (rev 17427)
@@ -1,3 +1,5 @@
 CVE-2011-XXXX [unsafe use of eval]
 	- libdigest-perl 1.16-1+squeeze1
+CVE-2011-3369 
+	[squeeze] - etherape 0.9.8-1+squeeze1
 

Modified: hardening/subgoal-dsa.txt
===================================================================
--- hardening/subgoal-dsa.txt	2011-10-15 04:18:22 UTC (rev 17426)
+++ hardening/subgoal-dsa.txt	2011-10-15 16:08:32 UTC (rev 17427)
@@ -365,8 +365,9 @@
 
 
 Partially fixed:
--
+libmusicbrainz-2.1 (2.1_2.1.5-6.1) (znow missing)
 
+
 Fixed through cdbs (log or pkg should be checked, before moving to
 Resolved/fixed, since some Makefile or buildsystem foo might reset
 flags)
@@ -375,11 +376,11 @@
 ghostscript (9.04~dfsg-1)
 
 
-Resolved/fixed:
+Resolved/fixed: (should be double-checked with hardening-check from
+hardening-includes before moving it here):
 mailman (1:2.1.14-3)
 ncompress (4.2.4.4-3)
 xzgv (5.9-3)
-libmusicbrainz-2.1 (2.1_2.1.5-6.1)
 
 
 Packages using hardening-wrapper/-includes (these are considered fixed, although

More information about the Secure-testing-commits mailing list