white at alioth.debian.org
2008-Oct-29 11:19 UTC
[Secure-testing-commits] r10200 - data/CVE
Author: white Date: 2008-10-29 11:19:25 +0000 (Wed, 29 Oct 2008) New Revision: 10200 Modified: data/CVE/list Log: Add NOTE as explanation to lazarus issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-29 10:53:21 UTC (rev 10199) +++ data/CVE/list 2008-10-29 11:19:25 UTC (rev 10200) @@ -2514,6 +2514,8 @@ [etch] - vdr <not-affected> (Vulnerable code not present) CVE-2008-XXXX [lazarus: insecure temp file] - lazarus 0.9.24-0-11 (unimportant; bug #496377) + NOTE: vulnerable script only called when updating the source + NOTE: thus neither actively used nor invoked automatically CVE-2008-XXXX [crossfire-maps: insecure temp file] - crossfire-maps 1.11.0-2 (low; bug #496358) [etch] - crossfire-maps <no-dsa> (Minor issue)