[Secure-testing-commits] r17427 - data data/CVE hardening
Moritz Muehlenhoff
jmm at alioth.debian.org
Sat Oct 15 16:08:33 UTC 2011
Author: jmm
Date: 2011-10-15 16:08:32 +0000 (Sat, 15 Oct 2011)
New Revision: 17427
Modified:
data/CVE/list
data/next-point-update.txt
hardening/subgoal-dsa.txt
Log:
etherape fixed in sid and spu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-15 04:18:22 UTC (rev 17426)
+++ data/CVE/list 2011-10-15 16:08:32 UTC (rev 17427)
@@ -1840,7 +1840,7 @@
CVE-2011-3370
RESERVED
CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before ...)
- - etherape <unfixed> (low; bug #645324)
+ - etherape 0.9.12-1 (low; bug #645324)
[lenny] - etherape <no-dsa> (Minor issue)
[squeeze] - etherape <no-dsa> (Minor issue)
CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, ...)
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2011-10-15 04:18:22 UTC (rev 17426)
+++ data/next-point-update.txt 2011-10-15 16:08:32 UTC (rev 17427)
@@ -1,3 +1,5 @@
CVE-2011-XXXX [unsafe use of eval]
- libdigest-perl 1.16-1+squeeze1
+CVE-2011-3369
+ [squeeze] - etherape 0.9.8-1+squeeze1
Modified: hardening/subgoal-dsa.txt
===================================================================
--- hardening/subgoal-dsa.txt 2011-10-15 04:18:22 UTC (rev 17426)
+++ hardening/subgoal-dsa.txt 2011-10-15 16:08:32 UTC (rev 17427)
@@ -365,8 +365,9 @@
Partially fixed:
--
+libmusicbrainz-2.1 (2.1_2.1.5-6.1) (znow missing)
+
Fixed through cdbs (log or pkg should be checked, before moving to
Resolved/fixed, since some Makefile or buildsystem foo might reset
flags)
@@ -375,11 +376,11 @@
ghostscript (9.04~dfsg-1)
-Resolved/fixed:
+Resolved/fixed: (should be double-checked with hardening-check from
+hardening-includes before moving it here):
mailman (1:2.1.14-3)
ncompress (4.2.4.4-3)
xzgv (5.9-3)
-libmusicbrainz-2.1 (2.1_2.1.5-6.1)
Packages using hardening-wrapper/-includes (these are considered fixed, although
More information about the Secure-testing-commits
mailing list