nion at alioth.debian.org
2008-Dec-21 13:57 UTC
[Secure-testing-commits] r10761 - data/CVE
Author: nion Date: 2008-12-21 13:57:30 +0000 (Sun, 21 Dec 2008) New Revision: 10761 Modified: data/CVE/list Log: new no-ip issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-21 13:40:19 UTC (rev 10760) +++ data/CVE/list 2008-12-21 13:57:30 UTC (rev 10761) @@ -747,7 +747,10 @@ - pvpgn <unfixed> (low; bug #509336) [etch] - pvpgn <no-dsa> (Contrib not supported) CVE-2008-5369 (noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files ...) - TODO: check + - no-ip <unfixed> (unimportant; bug #509348) + NOTE: original issue doesn''t seem to be present, however there is a tmprace in the init + NOTE: script if it is used to debug with strace and a missing check for mkstemp failing + NOTE: but these situations are really corner cases CVE-2008-5368 (muttprint in muttprint 0.72d allows local users to overwrite arbitrary ...) TODO: check CVE-2008-5367 (ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to ...)