Author: stef-guest Date: 2007-03-04 16:16:29 +0000 (Sun, 04 Mar 2007) New Revision: 5506 Modified: data/CVE/list Log: - new putty issue - dropbear fixed in etch Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-04 13:36:01 UTC (rev 5505) +++ data/CVE/list 2007-03-04 16:16:29 UTC (rev 5506) @@ -1,3 +1,6 @@ +CVE-2007-XXXX [puttygen can create world-readable private keys] + - putty <unfixed> (bug #400804; low) + [sarge] - putty <no-dsa> (minor issue) CVE-2007-XXXX [asterisk remote SIP security hole] - asterisk 1:1.2.16~dfsg-1 CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...) @@ -128,6 +131,7 @@ NOT-FOR-US: Pickle CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...) - dropbear 0.49-1 (bug #412899) + [etch] - dropbear 0.48.1-2 CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...) NOT-FOR-US: ScryMUD CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...)