nion at alioth.debian.org
2008-Aug-13 10:21 UTC
[Secure-testing-commits] r9563 - in data: CVE DTSA
Author: nion
Date: 2008-08-13 10:21:21 +0000 (Wed, 13 Aug 2008)
New Revision: 9563
Modified:
data/CVE/list
data/DTSA/list
Log:
new yelp issue CVE-2008-3533 (fixed in DTSA-154-1)
previous git fix incomplete
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-08-13 09:45:28 UTC (rev 9562)
+++ data/CVE/list 2008-08-13 10:21:21 UTC (rev 9563)
@@ -264,8 +264,10 @@
TODO: check
CVE-2008-3534 (The shmem_delete_inode function in mm/shmem.c in the tmpfs ...)
TODO: check
-CVE-2008-3533
+CVE-2008-3533 [yelp format string]
RESERVED
+ - yelp <unfixed> (low)
+ NOTE: maintainer is aware of this
CVE-2008-3531
RESERVED
CVE-2008-3530
@@ -367,7 +369,7 @@
NOTE: http://developer.pidgin.im/ticket/6500
CVE-2008-3546 (Stack-based buffer overflow in the (1) diff_addremove and (2)
...)
{DTSA-153-1}
- - git-core 1:1.5.6.3-1.1 (medium; bug #494097)
+ - git-core 1:1.5.6.5 (medium; bug #494097)
CVE-2008-3484 (SQL injection vulnerability in eStoreAff 0.1 allows remote
attackers ...)
NOT-FOR-US: eStoreAff
CVE-2008-3483 (Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki
2.0.29 and ...)
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2008-08-13 09:45:28 UTC (rev 9562)
+++ data/DTSA/list 2008-08-13 10:21:21 UTC (rev 9563)
@@ -447,3 +447,6 @@
[August 9th, 2008] DTSA-153-1 git-core - stack-based buffer overflow
{CVE-2008-3546}
[lenny] - git-core 1.5.6.3-1+lenny1
+[August 13th, 2008] DTSA-154-1 yelp - format string vulnerability
+ {CVE-2008-3533}
+ [lenny] - yelp 2.22.1-3+lenny2