[Secure-testing-commits] r38500 - data/CVE

[Thorsten Alteholz]

Author: alteholz
Date: 2015-12-23 18:32:09 +0000 (Wed, 23 Dec 2015)
New Revision: 38500

Modified:
   data/CVE/list
Log:
t-coffee: Squeeze is not affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-23 18:16:43 UTC (rev 38499)
+++ data/CVE/list	2015-12-23 18:32:09 UTC (rev 38500)
@@ -1,6 +1,6 @@
 CVE-2015-8621 [t-coffee: creates world-writable directories]
 	- t-coffee 11.00.8cbe486-2 (low; bug #751579)
-	[squeeze] - t-coffee <no-dsa> (Minor issue)
+	[squeeze] - t-coffee <not-affected> (version in Squeeze uses system() and umask is handled correctly by sh (as opposed to later versions that use mkdir()))
 	[wheezy] - t-coffee <no-dsa> (Minor issue)
 	[jessie] - t-coffee <no-dsa> (Minor issue)
 CVE-2015-8619 [hmp: stack based OOB write in hmp_sendkey routine]