Author: jmm Date: 2011-04-01 14:25:36 +0000 (Fri, 01 Apr 2011) New Revision: 16466 Modified: data/CVE/list Log: new logrotate issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-03-31 21:33:51 UTC (rev 16465) +++ data/CVE/list 2011-04-01 14:25:36 UTC (rev 16466) @@ -1,11 +1,11 @@ CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...) - TODO: check + - logrotate <unfixed> CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...) - TODO: check + - logrotate <unfixed> CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root ...) - TODO: check + - logrotate <unfixed> CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses root ...) - TODO: check + - logrotate <unfixed> CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...) TODO: check CVE-2011-1547 @@ -1041,9 +1041,9 @@ NOTE: CVE requested NOTE: http://code.google.com/p/feedparser/issues/detail?id=195 CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...) - TODO: check + - logrotate <unfixed> CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...) - TODO: check + - logrotate <unfixed> CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...) - php5 5.3.6-1 CVE-2011-1152 @@ -1268,7 +1268,7 @@ CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net Quick ...) NOT-FOR-US: FocalMedia.Net Quick Polls CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in ...) - TODO: check + - logrotate <unfixed> CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ...) TODO: check CVE-2011-1096