joeyh at alioth.debian.org
2008-Dec-11 09:14 UTC
[Secure-testing-commits] r10674 - data/CVE
Author: joeyh Date: 2008-12-11 09:14:12 +0000 (Thu, 11 Dec 2008) New Revision: 10674 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-11 05:37:55 UTC (rev 10673) +++ data/CVE/list 2008-12-11 09:14:12 UTC (rev 10674) @@ -224,10 +224,10 @@ - tikiwiki <removed> CVE-2008-5317 (Integer signedness error in the cmsAllocGamma function in ...) - lcms 1.17-1 - [etch] - lcms 1.15-1.1+etch1 + [etch] - lcms 1.15-1.1+etch1 CVE-2008-5316 (Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in ...) - lcms 1.16-1 - [etch] - lcms 1.15-1.1+etch1 + [etch] - lcms 1.15-1.1+etch1 CVE-2008-5315 (Directory traversal vulnerability in the web interface in Apple iPhone ...) NOT-FOR-US: Apple iPhone Configuration Web Utility CVE-2008-XXXX [multiple insecure tempfiles usage issues in devscripts] @@ -498,7 +498,7 @@ NOT-FOR-US: eSHOP100 CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...) - wireshark <unfixed> (low; bug #506741) -CVE-2008-5394 [race condition in shadow could lead to gaining ownership or changing mode of arbitrary files] +CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other ...) - shadow 1:4.1.1-6 (bug #505271) CVE-2008-XXXX [verlihub remote command execution and the possibility of attack with the help of symlinks] - verlihub <unfixed> (low; bug #506530)