joeyh at alioth.debian.org
2008-Dec-03 09:14 UTC
[Secure-testing-commits] r10590 - data/CVE
Author: joeyh
Date: 2008-12-03 09:14:13 +0000 (Wed, 03 Dec 2008)
New Revision: 10590
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-12-03 06:15:44 UTC (rev 10589)
+++ data/CVE/list 2008-12-03 09:14:13 UTC (rev 10590)
@@ -15,8 +15,10 @@
CVE-2008-5304
RESERVED
CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
+ {DSA-1678-1}
TODO: check
CVE-2008-5302 (Race condition in the rmtree function in File::Path 1.08 and
2.07 ...)
+ {DSA-1678-1}
TODO: check
CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve
implementation in ...)
TODO: check
@@ -127,6 +129,7 @@
CVE-2008-5278 (Cross-site scripting (XSS) vulnerability in the self_link
function in ...)
- wordpress 2.5.1-11 (low; bug #507193)
CVE-2008-5286 (Integer overflow in the _cupsImageReadPNG function in CUPS
1.1.17 ...)
+ {DSA-1677-1}
- cups 1.3.8-1lenny4 (bug #507183; medium)
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- geda-gnetlist <unfixed> (bug #506625; unimportant)
@@ -60824,7 +60827,7 @@
{DSA-1018-1 DSA-1017-1}
- linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11
and 2.6.12)
CVE-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl
before ...)
- {DSA-696-1}
+ {DSA-1678-1 DSA-696-1}
- perl 5.8.4-7
CVE-2005-0430 (The Quake 3 engine, as used in multiple game packages, allows
remote ...)
NOT-FOR-US: Quake3
@@ -64476,7 +64479,7 @@
CVE-2004-0453 (Format string vulnerability in the monitor "memory
dump" command in ...)
- vice 1.14-2
CVE-2004-0452 (Race condition in the rmtree function in the File::Path module
in Perl ...)
- {DSA-620-1}
+ {DSA-1678-1 DSA-620-1}
- perl 5.8.4-5
CVE-2004-0451 (Multiple format string vulnerabilities in the (1) logquit, (2)
logerr, ...)
{DSA-521}