Moritz Muehlenhoff
2011-Oct-15 16:08 UTC
[Secure-testing-commits] r17427 - data data/CVE hardening
Author: jmm Date: 2011-10-15 16:08:32 +0000 (Sat, 15 Oct 2011) New Revision: 17427 Modified: data/CVE/list data/next-point-update.txt hardening/subgoal-dsa.txt Log: etherape fixed in sid and spu Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-15 04:18:22 UTC (rev 17426) +++ data/CVE/list 2011-10-15 16:08:32 UTC (rev 17427) @@ -1840,7 +1840,7 @@ CVE-2011-3370 RESERVED CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before ...) - - etherape <unfixed> (low; bug #645324) + - etherape 0.9.12-1 (low; bug #645324) [lenny] - etherape <no-dsa> (Minor issue) [squeeze] - etherape <no-dsa> (Minor issue) CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, ...) Modified: data/next-point-update.txt ==================================================================--- data/next-point-update.txt 2011-10-15 04:18:22 UTC (rev 17426) +++ data/next-point-update.txt 2011-10-15 16:08:32 UTC (rev 17427) @@ -1,3 +1,5 @@ CVE-2011-XXXX [unsafe use of eval] - libdigest-perl 1.16-1+squeeze1 +CVE-2011-3369 + [squeeze] - etherape 0.9.8-1+squeeze1 Modified: hardening/subgoal-dsa.txt ==================================================================--- hardening/subgoal-dsa.txt 2011-10-15 04:18:22 UTC (rev 17426) +++ hardening/subgoal-dsa.txt 2011-10-15 16:08:32 UTC (rev 17427) @@ -365,8 +365,9 @@ Partially fixed: -- +libmusicbrainz-2.1 (2.1_2.1.5-6.1) (znow missing) + Fixed through cdbs (log or pkg should be checked, before moving to Resolved/fixed, since some Makefile or buildsystem foo might reset flags) @@ -375,11 +376,11 @@ ghostscript (9.04~dfsg-1) -Resolved/fixed: +Resolved/fixed: (should be double-checked with hardening-check from +hardening-includes before moving it here): mailman (1:2.1.14-3) ncompress (4.2.4.4-3) xzgv (5.9-3) -libmusicbrainz-2.1 (2.1_2.1.5-6.1) Packages using hardening-wrapper/-includes (these are considered fixed, although