Author: jmm-guest Date: 2006-04-03 07:25:35 +0000 (Mon, 03 Apr 2006) New Revision: 3731 Modified: data/CVE/list Log: two further rpath issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-02 20:02:36 UTC (rev 3730) +++ data/CVE/list 2006-04-03 07:25:35 UTC (rev 3731) @@ -126,6 +126,12 @@ CVE-2006-XXXX [gauche-config rpath set to user home] - gauche <unfixed> (bug #358139; low) [sarge] - gauche <not-affected> (gauche-config is a shell script in Sarge) +CVE-2006-XXXX [tcpquota rpath set to user home] + - tcpquota <unfixed> (bug #358369; low) + [sarge] - tcpquota <no-dsa> (Only exploitable with strange AFS cell name) +CVE-2006-XXXX [hamlib3-perl rpath set to user home] + - hamlib <unfixed> (bug #358166; low) + [sarge] - hamlib <no-dsa> (Only exploitable with strange user name) CVE-2006-1550 [dia buffer overflow in xfig import] - dia 0.94.0-18 CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)