Author: jmm-guest Date: 2005-09-28 10:22:39 +0000 (Wed, 28 Sep 2005) New Revision: 2206 Modified: data/CAN/list Log: new sudo issue; dump fixed Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-28 10:09:48 UTC (rev 2205) +++ data/CAN/list 2005-09-28 10:22:39 UTC (rev 2206) @@ -250,8 +250,9 @@ RESERVED CAN-2005-2960 RESERVED -CAN-2005-2959 +CAN-2005-2959 [Sudo does not sanitize SHELLOPTS and PS4 shell env vars before starting sudoed apps] RESERVED + - sudo 1.6.8p9-3 (medium) CAN-2005-2958 RESERVED CAN-2005-2957 (Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 ...) @@ -3419,7 +3420,7 @@ NOTE: exploitability using this hole. - dpkg 1.13.11 (bug #317967; medium) - zsync 0.4.0-2 (medium) - - dump <unfixed> (bug #317966; medium) + - dump 0.4b40-1 (bug #317966; medium) - aide 0.10-6.1.1 (bug #317523; medium) - amd64-libs <unfixed> (bug #317970; medium) - ia32-libs <unfixed> (bug #317971; medium)