nion at alioth.debian.org
2008-Sep-02 16:57 UTC
[Secure-testing-commits] r9726 - in data: CVE DTSA
Author: nion
Date: 2008-09-02 16:57:41 +0000 (Tue, 02 Sep 2008)
New Revision: 9726
Modified:
data/CVE/list
data/DTSA/list
Log:
releasing DTSA-164-1 (newsbeuter)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-09-02 14:24:41 UTC (rev 9725)
+++ data/CVE/list 2008-09-02 16:57:41 UTC (rev 9726)
@@ -8,7 +8,9 @@
[lenny] - wordnet 3.0-11+lenny1
[etch] - wordnet 1:2.1-4+etch1
CVE-2008-XXXX [code execution in newsbeuter via crafted url when opened in
external browser]
- - newsbeuter 1.1-1 (medium)
+ {DTSA-164-1}
+ [lenny] - newsbeuter 0.9.1-1+lenny2
+ - newsbeuter 1.2-1 (medium)
NOTE: medium as versions < 1.0-1 didn''t include a patch to wrap
long article URLs so the
NOTE: crafted part of the URL can be hidden. This of course only affects
people not reading
NOTE: articles in the built-in reader.
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2008-09-02 14:24:41 UTC (rev 9725)
+++ data/DTSA/list 2008-09-02 16:57:41 UTC (rev 9726)
@@ -479,3 +479,5 @@
[lenny] - r-base 2.7.1-1+lenny1
[September 2nd, 2008] DTSA-163-1 wordnet - several overflows
[lenny] - wordnet 3.0-11+lenny1
+[September 2nd, 2008] DTSA-164-1 newsbeuter - command injection
+ [lenny] - newsbeuter 0.9.1-1+lenny2