thr3ads.net - Secure testing commits - [Secure-testing-commits] r2009

If this information is useful, please help other people find it:
Share via:

Micah Anderson

2005-Sep-15 23:04 UTC

[Secure-testing-commits] r2009 - data/DTSA/advs

Author: micah
Date: 2005-09-15 23:03:31 +0000 (Thu, 15 Sep 2005)
New Revision: 2009

Added:
   data/DTSA/advs/17-lm-sensors.adv
   data/DTSA/advs/18-kdelibs.adv
Removed:
   data/DTSA/advs/17-kdelibs.adv
   data/DTSA/advs/18-lm-sensors.adv
Log:
Moving kdelibs up so i can release lm-sensors


Deleted: data/DTSA/advs/17-kdelibs.adv
==================================================================---
data/DTSA/advs/17-kdelibs.adv	2005-09-15 22:36:11 UTC (rev 2008)
+++ data/DTSA/advs/17-kdelibs.adv	2005-09-15 23:03:31 UTC (rev 2009)
@@ -1,15 +0,0 @@
-source: kdelibs
-date: September 13th, 2005
-author: Moritz Muehlenhoff
-vuln-type: insecure default permissions
-problem-scope: local
-debian-specifc: no
-cve: CAN-2005-1920
-vendor-advisory: 
-testing-fix: 4:3.3.2-6.1etch1
-sid-fix: 4:3.4.2-1
-upgrade: apt-get install kdelibs4
-
-kate always created backup files for edited files with default permissions,
-even if the original permissions were stricter. This could lead to information
-disclosure.
\ No newline at end of file

Copied: data/DTSA/advs/17-lm-sensors.adv (from rev 2008,
data/DTSA/advs/18-lm-sensors.adv)

Copied: data/DTSA/advs/18-kdelibs.adv (from rev 2006,
data/DTSA/advs/17-kdelibs.adv)

Deleted: data/DTSA/advs/18-lm-sensors.adv
==================================================================---
data/DTSA/advs/18-lm-sensors.adv	2005-09-15 22:36:11 UTC (rev 2008)
+++ data/DTSA/advs/18-lm-sensors.adv	2005-09-15 23:03:31 UTC (rev 2009)
@@ -1,19 +0,0 @@
-source: lm-sensors
-date: September 15th, 2005
-author: Micah Anderson
-vuln-type: insecure temporary file
-problem-scope: local
-debian-specifc: no
-cve: CAN-2005-2672
-vendor-advisory: 
-testing-fix: lm-sensors_1:2.9.1-6etch1
-sid-fix: 1:2.9.1-7
-upgrade: apt-get install lm-sensors
-
-Javier Fern?ndez-Sanguino Pe?a discovered that a script included in
-lm-sensors, used to read temperature/voltage/fan sensors, creates a temporary
-file with a predictable filename, leaving it vulnerable for a symlink
-attack.
-
-Note that this is the same set of security fixes put into stable in
-DSA-814-1.

Secure testing commits - Sep 2005 - r2009 - data/DTSA/advs

[Secure-testing-commits] r2009 - data/DTSA/advs