thr3ads.net - Secure testing commits - [Secure-testing-commits] r2869

If this information is useful, please help other people find it:
Share via:

Micah Anderson

2005-Nov-27 17:57 UTC

[Secure-testing-commits] r2869 - data/CVE

Author: micah
Date: 2005-11-27 17:57:14 +0000 (Sun, 27 Nov 2005)
New Revision: 2869

Modified:
   data/CVE/list
Log:
Trackballs fix


Modified: data/CVE/list
==================================================================---
data/CVE/list	2005-11-27 11:49:03 UTC (rev 2868)
+++ data/CVE/list	2005-11-27 17:57:14 UTC (rev 2869)
@@ -8822,8 +8822,10 @@
 CVE-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng]
 	- syslog-ng 1.6.5-2.1
 CVE-2005-XXXX [trackballs: Follows symlinks as gid games]
-	- trackballs <unfixed> (bug #302454; medium)
-	NOTE: CVE request sent to mitre
+	- trackballs 1.1.1-1 (bug #302454; medium)
+	NOTE: CVE request sent to mitre (who sent this? any response?)
+	NOTE: Trackballs doesn''t run as gid games anymore, high-score files
are
+	NOTE: stored in user''s home directories instead.
 	TODO: check possibility of exploitation via scripting language,
 	TODO: as mentioned in the bug report as a separate issue
 CVE-2005-XXXX [Less secure default setting in pwgen or the lack documentation
about it]

Secure testing commits - Nov 2005 - r2869 - data/CVE

[Secure-testing-commits] r2869 - data/CVE