white at alioth.debian.org
2008-Dec-22 22:18 UTC
[Secure-testing-commits] r10780 - data/CVE
Author: white Date: 2008-12-22 22:18:51 +0000 (Mon, 22 Dec 2008) New Revision: 10780 Modified: data/CVE/list Log: One tmp issue unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-22 21:14:11 UTC (rev 10779) +++ data/CVE/list 2008-12-22 22:18:51 UTC (rev 10780) @@ -763,7 +763,8 @@ - ppp <unfixed> (unimportant) NOTE: insecure temp file handling in udeb is not an issue, since it is during the installation CVE-2008-5366 (The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local ...) - - ppp <unfixed> (low; bug #509488) + - ppp <unfixed> (unimportant; bug #509488) + NOTE: Package postinst isn''t vulnerable, only .tmp files in /etc CVE-2008-5365 (SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ...) NOT-FOR-US: ActiveWebSoftwares CVE-2008-5364 (Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx ...)