[Secure-testing-commits] r26447 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Sun Apr 6 18:48:27 UTC 2014


Author: helmutg
Date: 2014-04-06 18:48:27 +0000 (Sun, 06 Apr 2014)
New Revision: 26447

Modified:
   data/CVE/list
Log:
NFU OBS using cpio in a bad way

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-04-06 17:34:31 UTC (rev 26446)
+++ data/CVE/list	2014-04-06 18:48:27 UTC (rev 26447)
@@ -59001,7 +59001,8 @@
 CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
 	NOT-FOR-US: Novell Netware
 CVE-2010-4226 (cpio, as used in build 2007.05.10, 2010.07.28, and possibly other ...)
-	TODO: check
+	NOT-FOR-US: OpenSuSE build services
+	NOTE: This might qualify as a cpio hardening issue, but this CVE-ID is not about cpio itself.
 CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...)
 	- mono 2.6.7-5 (bug #608288)
 CVE-2010-4224




More information about the Secure-testing-commits mailing list