jmm-guest at alioth.debian.org
2008-Oct-03 22:30 UTC
[Secure-testing-commits] r9980 - / data data/CVE
Author: jmm-guest Date: 2008-10-03 22:30:16 +0000 (Fri, 03 Oct 2008) New Revision: 9980 Modified: data/CVE/list data/spu-candidates.txt tmp.txt Log: temp triage finished feta CVEfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-03 21:14:12 UTC (rev 9979) +++ data/CVE/list 2008-10-03 22:30:16 UTC (rev 9980) @@ -1,3 +1,12 @@ +CVE-2008-XXXX [ibackup: insecure temp files] + - ibackup <removed> (low; bug #496432) + [etch] - ibackup <no-dsa> (Minor issues) +CVE-2008-XXXX [aegis-web: insecure temp file] + - aegis 4.24-3.1 (low; bug #496400) + [etch] - aegis <no-dsa> (Minor issue) +CVE-2008-XXXX [aegis: insecure temp files] + - aegis <unfixed> (unimportant; bug #496402) + NOTE: Only present in example scripts CVE-2008-4401 RESERVED CVE-2008-4400 @@ -1582,6 +1591,7 @@ [etch] - mgetty <no-dsa> (Minor issue) CVE-2008-XXXX [sympa: multiple insecure temp files] - sympa 5.3.4-5.1 (low; bug #496405; bug #494969) + [etch] - sympa <no-dsa> (Minor issues) CVE-2008-XXXX [sng: insecure temp file] - sng 1.0.2-6 (low; bug #496407) [etch] - sng <no-dsa> (Minor issue) @@ -1590,7 +1600,8 @@ [etch] - aview <no-dsa> (Minor issue) CVE-2008-XXXX [fwbuilder: insecure temp file] - fwbuilder 2.1.19-5 (low; bug #496406) -CVE-2008-XXXX [feta: insecure temp file in to-upgrade plugin] + [etch] - fwbuilder <no-dsa> (Minor issue) +CVE-2008-4440 [feta: insecure temp file in to-upgrade plugin] - feta 1.4.16+nmu1 (low; bug #496397) CVE-2008-XXXX [postfix: insecure temp file] - postfix <unfixed> (unimportant; bug #496401) @@ -1637,6 +1648,7 @@ - qemu 0.9.1-6 (low; bug #496394) CVE-2008-XXXX [rancid: insecure temp file] - rancid 2.3.2~a8-2 (low; bug #496426) + [etch] - rancid <no-dsa> (Minor issue) CVE-2008-XXXX [vdr: insecure temp file] - vdr 1.6.0-6 (low; bug #496421) [etch] - vdr <not-affected> (Vulnerable code not present) Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2008-10-03 21:14:12 UTC (rev 9979) +++ data/spu-candidates.txt 2008-10-03 22:30:16 UTC (rev 9980) @@ -11,6 +11,11 @@ -- +aegis +#496400 + +-- + apertium #496395 notified maintainer @@ -145,6 +150,11 @@ -- +fwbuilder +#496406 + +-- + gdrae #496378 notified maintainer @@ -280,6 +290,11 @@ -- +rancid +#496426 + +-- + rccp #496364 notified maintainer @@ -359,6 +374,11 @@ -- +sympa +#496405; bug #494969 + +-- + tintin++ (CVE-2008-0673 CVE-2008-0672 CVE-2008-0671) #465643 notified maintainer Modified: tmp.txt ==================================================================--- tmp.txt 2008-10-03 21:14:12 UTC (rev 9979) +++ tmp.txt 2008-10-03 22:30:16 UTC (rev 9980) @@ -15,12 +15,6 @@ a point update, oss-security should be better than a CNA pool since there''s a risk of collisions - Binary-package: ibackup (2.27-4.1) - Binary-package: rancid-util (2.3.2~a8-1) - Binary-package: fwbuilder (2.1.19-3) - Binary-package: sympa (5.3.4-5) - Binary-package: aegis (4.24-3) - Binary-package: aegis-web (4.24-3) DSA: (Name in brackets if someone prepares a DSA) @@ -32,6 +26,11 @@ SPU: + Binary-package: ibackup (2.27-4.1) + Binary-package: sympa (5.3.4-5) + Binary-package: fwbuilder (2.1.19-3) + Binary-package: aegis-web (4.24-3) + Binary-package: rancid-util (2.3.2~a8-1) Binary-package: fml (4.0.3.dfsg-2) Binary-package: gdrae (0.1-1) Binary-package: cdrw-taper (0.4-2) @@ -90,6 +89,7 @@ Binary-package: printfilters-ppd (2.13-9) Binary-package: sendmail-base (8.14.3-5) Binary-package: gccxml (0.9.0+cvs20080525-1) + Binary-package: aegis (4.24-3)