Secure testing commits - May 2009 - r11909 - data/CVE

Author: derevko-guest
Date: 2009-05-16 13:55:27 +0000 (Sat, 16 May 2009)
New Revision: 11909

Modified:
   data/CVE/list
Log:
CVE-2009-1631: new evolution issue, minor issue, perhaps a no-dsa tag for etch
and lenny will be appropiate?


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-16 13:43:34 UTC (rev 11908)
+++ data/CVE/list	2009-05-16 13:55:27 UTC (rev 11909)
@@ -9,7 +9,8 @@
 CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote
...)
 	- ipsec-tools <unfixed> (medium; bug #528933)
 CVE-2009-1631 (The Mailer component in Evolution 2.26.1 and earlier uses ...)
-	TODO: check
+	- evolution <unfixed> (low; bug #526409)
+	NOTE: minor issue, perhaps a no-dsa tag for etch and lenny will be appropiate?
 CVE-2009-1630 (The nfs_permission function in fs/nfs/dir.c in the NFS client
...)
 	TODO: check
 CVE-2009-1629 (ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs
with ...)

On Sat, 16 May 2009 13:55:27 +0000 Giuseppe Iuculano wrote:
> Author: derevko-guest
> Date: 2009-05-16 13:55:27 +0000 (Sat, 16 May 2009)
> New Revision: 11909
> 
> Modified:
>    data/CVE/list
> Log:
> CVE-2009-1631: new evolution issue, minor issue, perhaps a no-dsa tag for
etch and lenny will be appropiate?
i concur that this is relatively minor.  the best course of action is to
touch base with maintainer to see if they would are interested in doing
do this, and also add it to the spu/ospu-candites lists.

mike