Secure testing commits - Nov 2008 - r10548 - data/CVE

Author: jmm-guest
Date: 2008-11-30 08:30:20 +0000 (Sun, 30 Nov 2008)
New Revision: 10548

Modified:
   data/CVE/list
Log:
jailer dupe, fix pending


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-11-30 01:13:50 UTC (rev 10547)
+++ data/CVE/list	2008-11-30 08:30:20 UTC (rev 10548)
@@ -272,7 +272,7 @@
 	- mailscanner 4.57.6-1
 	NOTE: script should only be used when the private Trend Micro antivirus is
installed
 CVE-2008-5139 (updatejail in jailer 0.4 allows local users to overwrite
arbitrary ...)
-	- jailer 0.4-15
+	- jailer 0.4-10 (bug #410548; low)
 CVE-2008-5138 (passwdehd in libpam-mount 0.43 allows local users to overwrite
...)
 	- libpam-mount 1.2+gitaa4791f-1 (low)
 	[lenny] - libpam-mount 0.44-1+lenny2
@@ -21473,10 +21473,6 @@
 	{DSA-1322-1}
 	- wireshark 0.99.6pre1-1
 	- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-XXXX [jailer unsafe tempfile usage]
-	- jailer 0.4-10 (bug #410548; low)
-	[sarge] - jailer <no-dsa> (Minor issue)
-	[etch] - jailer <no-dsa> (Minor issue)
 CVE-2007-3372 (The Avahi daemon in Avahi before 0.6.20 allows attackers to
cause a ...)
 	- avahi 0.6.20-2 (low)
 	[etch] - avahi <no-dsa> (Minor issue, only affects local users)