thr3ads.net - Secure testing commits - [Secure-testing-commits] r9979

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2008-Oct-03 21:14 UTC
[Secure-testing-commits] r9979 - data/CVE

Author: joeyh
Date: 2008-10-03 21:14:12 +0000 (Fri, 03 Oct 2008)
New Revision: 9979

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-10-03 20:44:02 UTC (rev 9978)
+++ data/CVE/list	2008-10-03 21:14:12 UTC (rev 9979)
@@ -1,44 +1,56 @@
+CVE-2008-4401
+	RESERVED
+CVE-2008-4400
+	RESERVED
+CVE-2008-4399
+	RESERVED
+CVE-2008-4398
+	RESERVED
+CVE-2008-4397
+	RESERVED
+CVE-2008-4396 (Stack-based buffer overflow in Safer Networking FileAlyzer
1.6.0.0 and ...)
+	TODO: check
 CVE-2008-XXXX [ltp: insecure temp file]
 	- ltp 20060918-3 (low; bug #496411)
-        [etch] - ltp <no-dsa> (Documented to be only suitable for single
user setups currently)
+	[etch] - ltp <no-dsa> (Documented to be only suitable for single user
setups currently)
 CVE-2008-XXXX [fml: insecure temp file]
 	- fml <removed> (low; bug #496370)
-        [etch] - fml <no-dsa> (Minor issue)
+	[etch] - fml <no-dsa> (Minor issue)
 CVE-2008-XXXX [gccxml: insecure temp file]
 	- gccxml <unfixed> (unimportant; bug #496391)
-        NOTE: Only applies to a script used for an obscure SGI compiler
+	NOTE: Only applies to a script used for an obscure SGI compiler
 CVE-2008-XXXX [bulmages: insecure temp file]
 	- bulmages <unfixed> (low; bug #496382)
-        NOTE: Only present in example scripts
+	NOTE: Only present in example scripts
 CVE-2008-XXXX [printfilters-ppd: insecure temp file]
 	- printfilters-ppd <unfixed> (unimportant; bug #496417)
-        NOTE: Only exploitable when modifying master-filter by hand
+	NOTE: Only exploitable when modifying master-filter by hand
 CVE-2008-XXXX [freevo: insecure temp file]
 	- freevo <unfixed> (unimportant; bug #496373)
-        NOTE: Only exploitable when modifying script by hand
+	NOTE: Only exploitable when modifying script by hand
 CVE-2008-XXXX [netmrg: insecure temp file]
 	- netmrg 0.20-2 (low; bug #496384)
-        [etch] - netmrg <no-dsa> (Minor issue)
+	[etch] - netmrg <no-dsa> (Minor issue)
 CVE-2008-XXXX [impose+: insecure temp file]
 	- impose+ 1.8-11.2 (low; bug #496435)
-        [etch] - impose+ <no-dsa> (Minor issue)
+	[etch] - impose+ <no-dsa> (Minor issue)
 CVE-2008-XXXX [konwert: insecure temp file]
 	- konwert 1.8-11.2 (low; bug #496379)
-        [etch] - konwert <no-dsa> (Minor issue)
+	[etch] - konwert <no-dsa> (Minor issue)
 CVE-2008-XXXX [wims: insecure temp file]
 	- wims <unfixed> (low; bug #496387)
-        [etch] - wims <no-dsa> (Minor issue)
+	[etch] - wims <no-dsa> (Minor issue)
 CVE-2008-XXXX [freeradius-dialupadmin: insecure temp file]
 	- freeradius 2.0.4+dfsg-6 (low; bug #496430)
 CVE-2008-XXXX [bk2site: insecure temp file]
 	- bk2site <unfixed> (unimportant; bug #496430)
-        NOTE: Only debug code, script needs to be edited to exploit this
+	NOTE: Only debug code, script needs to be edited to exploit this
 CVE-2008-XXXX [cman: insecure temp file]
 	- redhat-cluster <unfixed> (low; bug #496410)
-        [etch] - redhat-cluster <no-dsa> (Minor issue)
+	[etch] - redhat-cluster <no-dsa> (Minor issue)
 CVE-2008-XXXX [scilab: insecure temp file]
 	- scilab 4.1.2-6 (low; bug #496414)
-        [etch] - scilab <no-dsa> (Non-free not supported)
+	[etch] - scilab <no-dsa> (Non-free not supported)
 CVE-2008-4395
 	RESERVED
 CVE-2008-4394
@@ -481,7 +493,7 @@
 	- cman <unfixed> (bug #496410; low)
 CVE-2008-4191 (extract-table.pl in Emacspeak 26 and 28 allows local users to
...)
 	- emacspeak 28.0-2 (bug #496431; low)
-        [etch] - emacspeak <no-dsa> (Minor issue)
+	[etch] - emacspeak <no-dsa> (Minor issue)
 CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.4 and earlier allows
local ...)
 	- openswan 1:2.4.12+dfsg-1.3 (bug #496374; low)
 CVE-2008-XXXX [jumpnbump: insecure temp file]
@@ -489,10 +501,10 @@
 	[etch] - jumpnbump <no-dsa> (Minor issue)
 CVE-2008-XXXX [gpsdrive: insecure temp file]
 	- gpsdrive 2.10~pre4-6.dfsg-1 (low; bug #496436)
-        [etch] - gpsdrive <no-dsa> (Minor issue)
+	[etch] - gpsdrive <no-dsa> (Minor issue)
 CVE-2008-XXXX [dist: insecure temp file]
 	- dist 1:3.5-17-2 (low; bug #496412)
-        [etch] - dist <no-dsa> (Minor issue)
+	[etch] - dist <no-dsa> (Minor issue)
 CVE-2008-XXXX [lustre: insecure temp files]
 	- lustre 1.6.5.1-1 (low; bug #496371)
 CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long
...)
@@ -1000,6 +1012,7 @@
 CVE-2008-3971 (Heap-based buffer overflow in the open_man_file function in ...)
 	- gmanedit 0.4.1-1.1 (medium; bug #497835)
 CVE-2008-3970 (pam_mount 0.10 through 0.45, when luserconf is enabled, does not
...)
+	{DTSA-169-1}
 	- libpam-mount 0.48-1 (bug #499841)
 CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3
allow ...)
 	- bitlbee 1.2.3-1 (bug #498159)
@@ -1528,7 +1541,7 @@
 	- convirt <unfixed> (medium; bug #496419)
 CVE-2008-XXXX [audiolink: insecure temp files]
 	- audiolink 0.05-1.1 (low; bug #496433)
-        [etch] - audiolink <no-dsa> (Minor issue)
+	[etch] - audiolink <no-dsa> (Minor issue)
 CVE-2008-XXXX [lmbench: insecure temp files]
 	- lmbench <unfixed> (low; bug #496427)
 	[etch] - lmbench <no-dsa> (Non-free not supported)
@@ -1536,7 +1549,7 @@
 	- newsgate <removed> (low; bug #496437)
 CVE-2008-XXXX [myspell: insecure temp files]
 	- myspell 1:3.0+pre3.1-21 (low; bug #496392)
-        [etch] - myspell <no-dsa> (Minor issue)
+	[etch] - myspell <no-dsa> (Minor issue)
 CVE-2008-XXXX [insecure temp file in ogle]
 	- ogle <unfixed> (unimportant; bug #496420; bug #496425)
 	NOTE: This only affects debugging scripts not present in standard path
@@ -1548,7 +1561,7 @@
 	- nvi 1.81.6-4 (low)
 CVE-2008-XXXX [rkhunter: insecure temp file]
 	- rkhunter 1.3.2-6 (low; bug #496375)
-        [etch] - rkhunter <no-dsa> (Minor issue, only in debug mode)
+	[etch] - rkhunter <no-dsa> (Minor issue, only in debug mode)
 CVE-2008-XXXX [scratchbox2: insecure temp file]
 	- scratchbox2 1.99.0.24-2 (low; bug #496409)
 CVE-2008-XXXX [realtimebattle: insecure temp file]
@@ -1563,10 +1576,10 @@
 	- mafft 6.240-2 (low; bug #496366)
 CVE-2008-XXXX [xen-3: insecure temp file]
 	- xen-3 <unfixed> (low; bug #496367)
-        [etch] - xen-3 <no-dsa> (Minor issue)
+	[etch] - xen-3 <no-dsa> (Minor issue)
 CVE-2008-XXXX [mgetty: insecure temp files]
 	- mgetty 1.1.36-1.3 (low; bug #496403)
-        [etch] - mgetty <no-dsa> (Minor issue)
+	[etch] - mgetty <no-dsa> (Minor issue)
 CVE-2008-XXXX [sympa: multiple insecure temp files]
 	- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
 CVE-2008-XXXX [sng: insecure temp file]
@@ -1587,7 +1600,7 @@
 	[etch] - cdcontrol <no-dsa> (Minor issue)
 CVE-2008-XXXX [sgml2x: insecure temp file]
 	- sgml2x 1.0.0-11.2 (low; bug #496368)
-        [etch] - sgml2x <no-dsa> (Minor issue)
+	[etch] - sgml2x <no-dsa> (Minor issue)
 CVE-2008-XXXX [dtc-common: insecure temp file]
 	- dtc 0.29.10-1 (low; bug #496362)
 CVE-2008-XXXX [liguidsoap: insecure temp file]
@@ -1600,7 +1613,7 @@
 	[etch] - xcal <no-dsa> (Minor issue)
 CVE-2008-XXXX [r-base: insecure temp file]
 	- r-base 2.7.2-1 (low; bug #496418)
-        [etch] - r-base <no-dsa> (Minor issue)
+	[etch] - r-base <no-dsa> (Minor issue)
 	- r-base-core-ra 1.1.1-2 (low; bug #496363)
 	[lenny] - r-base 2.7.1-1+lenny1
 CVE-2008-3791 (src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop ...)
@@ -1631,7 +1644,7 @@
 	- lazarus 0.9.24-0-11 (low; bug #496377)
 CVE-2008-XXXX [crossfire-maps: insecure temp file]
 	- crossfire-maps 1.11.0-2 (low; bug #496358)
-        [etch] - crossfire-maps <no-dsa> (Minor issue)
+	[etch] - crossfire-maps <no-dsa> (Minor issue)
 CVE-2008-3794 (Integer signedness error in the mms_ReceiveCommand function in
...)
 	{DTSA-166-1}
 	- vlc 0.8.6.h-4 (medium; bug #496265)
Secure testing commits - Oct 2008 - r9979 - data/CVE

[Secure-testing-commits] r9979 - data/CVE
