thr3ads.net - Secure testing commits - [Secure-testing-commits] r8420

If this information is useful, please help other people find it:
Share via:

jmm-guest at alioth.debian.org

2008-Mar-27 09:35 UTC

[Secure-testing-commits] r8420 - data/CVE

Author: jmm-guest
Date: 2008-03-27 09:35:40 +0000 (Thu, 27 Mar 2008)
New Revision: 8420

Modified:
   data/CVE/list
Log:
new gnupg issue (who who''ve thought that having a horribly
  maintained gnupg might actually be good for something?)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-03-26 21:14:11 UTC (rev 8419)
+++ data/CVE/list	2008-03-27 09:35:40 UTC (rev 8420)
@@ -1,3 +1,11 @@
+CVE-2008-XXXX [gnupg key import memory corruption]
+	- gnupg <not-affected> (Only 1.4.8 is affected)
+        TODO: Verify that the next maintainer upload uses 1.4.9 directly
+        [etch] - gnupg <not-affected> (Only 1.4.8 is affected)
+        [sarge] - gnupg <not-affected> (Only 1.4.8 is affected)
+	- gnupg2 <unfixed> (bug filed)
+        [etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
+        [sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
 CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the
admin ...)
 	TODO: check
 CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models
with ...)

Secure testing commits - Mar 2008 - r8420 - data/CVE

[Secure-testing-commits] r8420 - data/CVE