[Secure-testing-commits] r19777 - data/CVE

Nico Golde nion at alioth.debian.org
Sat Jul 21 11:25:25 UTC 2012


Author: nion
Date: 2012-07-21 11:25:24 +0000 (Sat, 21 Jul 2012)
New Revision: 19777

Modified:
   data/CVE/list
Log:
CVE-2012-3409 does not affect our version in squeeze, attacker cant freely chose mointpoints

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-21 11:11:44 UTC (rev 19776)
+++ data/CVE/list	2012-07-21 11:25:24 UTC (rev 19777)
@@ -1294,6 +1294,7 @@
 CVE-2012-3409
 	RESERVED
 	- ecryptfs-utils 99-1 (bug #682220)
+	[squeeze] - ecryptfs-utils <not-affected> (home src/dest mountpoints hardcoded in that version)
 CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be impersonated]
 	RESERVED
 	- puppet <unfixed> (low)




More information about the Secure-testing-commits mailing list