Author: nion Date: 2008-10-03 12:44:49 +0000 (Fri, 03 Oct 2008) New Revision: 9963 Modified: data/CVE/list Log: add note on impact of CVE-2008-3521 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-03 12:25:19 UTC (rev 9962) +++ data/CVE/list 2008-10-03 12:44:49 UTC (rev 9963) @@ -2104,6 +2104,7 @@ - jasper <unfixed> (medium; bug #501021) CVE-2008-3521 (The jas_stream_tmpfile function in libjasper/base/jas_stream.c in ...) - jasper <unfixed> (unimportant; bug #501021) + NOTE: file is opened with O_EXCL even if tmpnam is used in this case CVE-2008-3520 (Multiple integer overflows in JasPer 1.900.1 might allow ...) - jasper <unfixed> (medium; bug #501021) CVE-2008-3519 (The default configuration of the JBossAs component in Red Hat JBoss ...)