Moritz Muehlenhoff
2006-Apr-03 23:45 UTC
[Secure-testing-commits] r3739 - in data: CVE DSA
Author: jmm-guest
Date: 2006-04-03 23:44:40 +0000 (Mon, 03 Apr 2006)
New Revision: 3739
Modified:
data/CVE/list
data/DSA/list
Log:
new dsa
two rpath issues fixed
fixed syntax of busybox entry
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-04-03 21:14:26 UTC (rev 3738)
+++ data/CVE/list 2006-04-03 23:44:40 UTC (rev 3739)
@@ -233,10 +233,10 @@
- subversion 1.3.0-5 (bug #359234; low)
[sarge] - subversion <not-affected> (No rpaths set in Sarge)
CVE-2006-XXXX [libtunepimp rpath set to /tmp]
- - libtunepimp <unfixed> (bug #359241; low)
+ - libtunepimp 0.4.2-3 (bug #359241; low)
[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
CVE-2006-XXXX [gpib rpath set to /tmp]
- - gpib <unfixed> (bug #359239; low)
+ - gpib 3.2.06-3 (bug #359239; low)
[sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge)
CVE-2006-XXXX [fftw rpath set to user home]
- fftw <unfixed> (bug #358157; low)
@@ -1204,7 +1204,7 @@
[sarge] - samba <not-affected>
CVE-2006-1058
RESERVED
- - busybox (unfixed; low; bug #360578)
+ - busybox <unfixed> low; bug #360578)
CVE-2006-1057
RESERVED
CVE-2006-1056
@@ -17692,6 +17692,7 @@
CVE-2004-1617 (Lynx allows remote attackers to cause a denial of service
(infinite ...)
NOTE: This is fixed in lynx-cur, maybe a fix can be extracted from there
- lynx <unfixed> (bug #296340; low)
+ [sarge] - lynx <no-dsa> (Unimportant for a single-instance browser like
Lynx)
- lynx-cur 2.8.6-6 (low)
CVE-2004-1616 (Links allows remote attackers to cause a denial of service
(memory ...)
- links 0.99+1.00pre12-1 (bug #296341; low)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-04-03 21:14:26 UTC (rev 3738)
+++ data/DSA/list 2006-04-03 23:44:40 UTC (rev 3739)
@@ -1,3 +1,6 @@
+[04 Apr 2006] DSA-1022-1 storebackup - several
+ {CVE-2005-3146 CVE-2005-3147 CVE-2005-3148}
+ [sarge] - storebackup 1.18.4-2sarge1
[28 Mar 2006] DSA-1021-1 netpbm-free - insecure program execution
{CVE-2005-2471}
[woody] - netpbm-free 2:9.20-8.6