nion at alioth.debian.org
2008-Mar-18 18:08 UTC
[Secure-testing-commits] r8366 - in data: CVE DTSA
Author: nion
Date: 2008-03-18 18:08:51 +0000 (Tue, 18 Mar 2008)
New Revision: 8366
Modified:
data/CVE/list
data/DTSA/list
Log:
releasing DTSA-118-1 (ldm)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-18 09:18:15 UTC (rev 8365)
+++ data/CVE/list 2008-03-18 18:08:51 UTC (rev 8366)
@@ -387,10 +387,9 @@
NOTE: exploitable through code introduced in 1.0.11
NOTE: http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
CVE-2008-1293 [ldm information disclosure]
- - ldm 2:0.1~bzr20080308-1
+ - ldm 2:0.1~bzr20080308-1 (bug #469462)
- ltsp 5.0.40~bzr20071229-1
NOTE: In revision 5.0.40~bzr20071229-1 ldm has been split into a separate
source package
- NOTE: CVE id pending
CVE-2008-1145 (Directory traversal vulnerability in WEBrick 1.8 before
1.8.5-p115 and ...)
- ruby1.8 1.8.6.114-1 (unimportant; bug #469475)
- ruby1.9 1.9.0.1-1 (unimportant; bug #469482)
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2008-03-18 09:18:15 UTC (rev 8365)
+++ data/DTSA/list 2008-03-18 18:08:51 UTC (rev 8366)
@@ -339,3 +339,6 @@
[March 11th, 2008] DTSA-117-1 cupsys - arbitrary code execution
{CVE-2008-0882}
[lenny] - cupsys 1.3.5-1+lenny1
+[March 18th, 2008] DTSA-118-1 ldm - authentication bypass
+ {CVE-2008-1293}
+ [lenny] - ldm 2:0.1~bzr20071217-1+lenny1