jmm-guest at alioth.debian.org
2008-Oct-18 11:36 UTC
[Secure-testing-commits] r10114 - data/CVE
Author: jmm-guest Date: 2008-10-18 11:36:03 +0000 (Sat, 18 Oct 2008) New Revision: 10114 Modified: data/CVE/list Log: - fix source package names (you can use http://idssi.enyo.de/tracker/data/unknown-packages to check for such errors) - one ftpd issue fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-17 23:36:46 UTC (rev 10113) +++ data/CVE/list 2008-10-18 11:36:03 UTC (rev 10114) @@ -917,8 +917,8 @@ CVE-2008-XXXX [lustre: insecure temp files] - lustre 1.6.5.1-1 (low; bug #496371) CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long ...) - - ftpd-ssl 0.17.27+0.3-3 (bug #500518) - - ftpd <unfixed> (bug #500278) + - linux-ftpd-ssl 0.17.27+0.3-3 (bug #500518) + - linux-ftpd 0.17-29 (bug #500278) CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php] - wordpress <unfixed> (bug #500295; unimportant) NOTE: bigger problems, if attacker has access to /etc/wordpress/*