nion at alioth.debian.org
2009-Feb-07 11:30 UTC
[Secure-testing-commits] r11159 - in data: CVE DTSA
Author: nion
Date: 2009-02-07 11:30:35 +0000 (Sat, 07 Feb 2009)
New Revision: 11159
Modified:
data/CVE/list
data/DTSA/list
Log:
release DTSA-192-1 (audacity), DTSA-191-1 (gedit), DTSA-190-1 (gnumeric)
add bugzilla bugs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-02-06 21:36:39 UTC (rev 11158)
+++ data/CVE/list 2009-02-07 11:30:35 UTC (rev 11159)
@@ -268,18 +268,20 @@
NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
NOTE: CVE id requested
CVE-2009-XXXX [bugzilla: Insufficiently Random Numbers]
- - bugzilla <unfixed> (bug filed)
+ - bugzilla <unfixed> (bug #514143)
CVE-2009-XXXX [bugzilla: Abuse of Functionality (Attachments)]
- - bugzilla <unfixed> (bug filed)
+ - bugzilla <unfixed> (bug #514143)
CVE-2009-XXXX [bugzilla: Cross-Site Request Forgery (2x)]
- - bugzilla <unfixed> (bug filed)
+ - bugzilla <unfixed> (bug #514143)
CVE-2009-XXXX [glpi sql injection]
- glpi 0.71.5-1 (bug #513611)
CVE-2009-XXXX [buffer overflow]
+ {DTSA-192-1}
- audacity 1.3.6-1 (bug #514138)
NOTE: http://www.milw0rm.com/exploits/7634
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=253493
NOTE: CVE id requested
+ [lenny] - audacity 1.3.5-2+lenny1
CVE-2009-0368
RESERVED
CVE-2009-0367
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2009-02-06 21:36:39 UTC (rev 11158)
+++ data/DTSA/list 2009-02-07 11:30:35 UTC (rev 11159)
@@ -566,3 +566,11 @@
[February 1st, 2009] DTSA-189-1 avahi - denial of service
{CVE-2008-5081}
[lenny] - avahi 0.6.22-3+lenny1
+[February 7th, 2009] DTSA-190-1 gnumeric - insecure python search path
+ {CVE-2009-0318}
+ [lenny] - gnumeric 1.8.3-5+lenny1
+[February 7th, 2009] DTSA-191-1 gedit - insecure python search path
+ {CVE-2009-0314}
+ [lenny] - gedit 2.22.3-1+lenny1
+[February 7th, 2009] DTSA-192-1 audacity - arbitrary code execution
+ [lenny] - audacity 1.3.5-2+lenny1