Author: jmm-guest
Date: 2005-09-30 08:48:54 +0000 (Fri, 30 Sep 2005)
New Revision: 2248
Modified:
data/DSA/list
Log:
two new DSAs and one correction for a squid DSA
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-30 05:24:44 UTC (rev 2247)
+++ data/DSA/list 2005-09-30 08:48:54 UTC (rev 2248)
@@ -1,5 +1,21 @@
+[30 Sep 2005] DSA-829-1 mysql - several
+ { CAN-2005-2558 }
+ - mysql-dfsg-4.1 4.1.14-2 (medium)
+ - mysql-dfsg-5.0 5.0.11beta-3 (medium)
+ NOTE: fixed in testing at time of DSA
+ NOTE: This DSA breaks the rule of thumb that the title matches against
+ NOTE: a source package name. Will this cause breakage in any of our scripts?
+[30 Sep 2005] DSA-828-1 squid - several
+ { CAN-2005-2917 }
+ - squid 2.5.10-6 (medium)
+ NOTE: fixed in testing at time of DSA
+[30 Sep 2005] DSA-809-2 squid - assertion error
+ { CAN-2005-2794 }
+ - squid 2.5.10-5 (medium)
+ NOTE: fixed in testing at time of DSA
[29 Sep 2005] DSA-827-1 backupninja - insecure temporary file creation
- backupninja 0.5-3sarge1 (medium)
+ NOTE: not fixed in testing at time of DSA (too young 1/2 days)
[29 Sep 2005] DSA-826-1 helix-player - multiple
{ CAN-2005-1766 CAN-2005-2710 }
- helix-player 1.0.4-1sarge1 (high)
Florian Weimer
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: [Secure-testing-commits] r2248 - data/DSA
* Moritz Muehlenhoff:> +[30 Sep 2005] DSA-829-1 mysql - several > + { CAN-2005-2558 } > + - mysql-dfsg-4.1 4.1.14-2 (medium) > + - mysql-dfsg-5.0 5.0.11beta-3 (medium)These versions do not match the corresponding CAN: CAN-2005-2558 (Stack-based buffer overflow in the init_syms function in MySQL 4.0 ...) - mysql-dfsg-4.1 4.1.13 (medium) - mysql-dfsg-5.0 5.0.7beta-1 (medium) - mysql-dfsg <unfixed> (bug #322133; medium) Do you know which versions are correct?
Moritz Muehlenhoff
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: [Secure-testing-commits] r2248 - data/DSA
Florian Weimer wrote:> * Moritz Muehlenhoff: > > > +[30 Sep 2005] DSA-829-1 mysql - several > > + { CAN-2005-2558 } > > + - mysql-dfsg-4.1 4.1.14-2 (medium) > > + - mysql-dfsg-5.0 5.0.11beta-3 (medium) > > These versions do not match the corresponding CAN: > > CAN-2005-2558 (Stack-based buffer overflow in the init_syms function in MySQL 4.0 ...) > - mysql-dfsg-4.1 4.1.13 (medium) > - mysql-dfsg-5.0 5.0.7beta-1 (medium) > - mysql-dfsg <unfixed> (bug #322133; medium) > > Do you know which versions are correct?I just copied the entry above from the DSA, but I believe my entry below is indeed correct. I''ve pinged security team and the mysql maintainer. Cheers, Moritz