thijs at alioth.debian.org
2008-Mar-27 15:39 UTC
[Secure-testing-commits] r8424 - in data: CVE DSA
Author: thijs
Date: 2008-03-27 15:39:09 +0000 (Thu, 27 Mar 2008)
New Revision: 8424
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-1531-1, missing CVE id
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-27 13:55:15 UTC (rev 8423)
+++ data/CVE/list 2008-03-27 15:39:09 UTC (rev 8424)
@@ -86,7 +86,9 @@
TODO: check
CVE-2008-XXXX [policyd-weight tempfile race]
- policyd-weight <unfixed> (low)
+ [etch] - policyd-weight 0.1.14-beta-6etch1
NOTE:
http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
+ NOTE: CVE id pending
CVE-2008-1489 (Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c
for VLC ...)
- vlc 0.8.6.e-1.1 (medium; bug #472635)
CVE-2008-1488 (Stack-based buffer overflow in apc.c in Alternative PHP Cache
(APC) ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-03-27 13:55:15 UTC (rev 8423)
+++ data/DSA/list 2008-03-27 15:39:09 UTC (rev 8424)
@@ -1,3 +1,6 @@
+[27 Mar 2008] DSA-1531-1 policyd-weight - insecure temporary files
+ [etch] - policyd-weight 0.1.14-beta-6etch1
+ NOTE: CVE id still pending...
[25 Mar 2008] DSA-1530-1 cupsys - multiple vulnerabilities
{CVE-2008-0047 CVE-2008-0882}
[etch] - cupsys 1.2.7-4etch3