nion at alioth.debian.org
2008-Feb-07 19:05 UTC
[Secure-testing-commits] r8098 - in data: . CVE NMU
Author: nion Date: 2008-02-07 19:05:45 +0000 (Thu, 07 Feb 2008) New Revision: 8098 Modified: data/CVE/list data/NMU/list data/embedded-code-copies Log: wml embeds libgd fork insecure tmpfile handling fixed in wml 2.0.11-3.1 /usr/lib/subversion/hook-scripts/commit-email.pl: `/usr/bin/svnlook diff /svn/secure-testing -r 8098'' failed with this output: Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-02-07 18:53:05 UTC (rev 8097) +++ data/CVE/list 2008-02-07 19:05:45 UTC (rev 8098) @@ -307,7 +307,7 @@ NOTE: This enhances the fix for CVE-2006-3636. NOTE: http://mail.python.org/pipermail/mailman-announce/2008-February/000095.html CVE-2008-XXXX [insecure tmp file usage in webwml] - - wml <unfixed> (low; bug #463907) + - wml 2.0.11-3.1 (low; bug #463907) [sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp) NOTE: CVE id pending CVE-2008-XXXX [deluge-torrent unspecified remote issue] Modified: data/NMU/list ===================================================================