Author: nion Date: 2008-02-01 10:11:53 +0000 (Fri, 01 Feb 2008) New Revision: 8066 Modified: data/CVE/list Log: xdg-utils not-affected by CVE-2008-0386 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-31 21:54:42 UTC (rev 8065) +++ data/CVE/list 2008-02-01 10:11:53 UTC (rev 8066) @@ -243,7 +243,8 @@ TODO: check CVE-2008-0386 [arbitrary code execution in xdg-utils via crafted path name] RESERVED - - xdg-utils <unfixed> (low; bug #463471) + - xdg-utils <not-affected> (Ships a patch that modifies the vulnerable code and uses sed secure) + NOTE: xdg-open-generic replaces the vulnerable code and runs view-mailcap or sensible-browser CVE-2008-0385 RESERVED CVE-2008-0384 (OpenBSD 4.2 allows local users to cause a denial of service (kernel ...)