Secure testing commits - Aug 2008 - r9506 - in data: CVE DSA

Author: thijs
Date: 2008-08-04 08:17:28 +0000 (Mon, 04 Aug 2008)
New Revision: 9506

Modified:
   data/CVE/list
   data/DSA/list
Log:
pdns-recursor was already fixed in 3.1.7-1 but there wasn''t a separate
CVE
name for it yet then.


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-08-03 15:42:48 UTC (rev 9505)
+++ data/CVE/list	2008-08-04 08:17:28 UTC (rev 9506)
@@ -399,7 +399,7 @@
 CVE-2008-3225 (Joomla! before 1.5.4 allows attackers to access administration
...)
 	- joomla <itp> (bug #326398)
 CVE-2008-3217 (PowerDNS Recursor before 3.1.6 does not always use the strongest
...)
-	- pdns-server <unfixed> (low; bug #493576)
+	- pdns-recursor 3.1.7-1 (low; bug #493576)
 CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote
attackers to ...)
 	- clamav 0.93.1.dfsg-1.1 (medium)
 CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of
service ...)
@@ -4049,7 +4049,7 @@
 CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to
...)
 	{DSA-1544-2 DSA-1544-1}
 	- pdns-recursor 3.1.7-1
-	NOTE: Fix in 3.1.5 was incomplete
+	NOTE: Fix in 3.1.5 was incomplete, see CVE-2008-3217
 CVE-2008-1636 (Cross-site scripting (XSS) vulnerability in index.php in JV2
Quick ...)
 	NOT-FOR-US: JV2 Quick Gallery
 CVE-2008-1635 (Directory traversal vulnerability in view_private.php in Keep It
...)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2008-08-03 15:42:48 UTC (rev 9505)
+++ data/DSA/list	2008-08-04 08:17:28 UTC (rev 9506)
@@ -46,7 +46,7 @@
 	{CVE-2008-2232}
 	[etch] - afuse 0.1.1-1+etch1
 [16 Jul 2008] DSA-1544-2 pdns-recursor - predictable randomness
-	{CVE-2008-1637}
+	{CVE-2008-1637 CVE-2008-3217}
 	[etch] - pdns-recursor 3.1.4-1+etch2
 [15 Jul 2008] DSA-1610-1 gaim - execution of arbitrary code
 	{CVE-2008-2927}