diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2009-05-16 19:22:18 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2009-05-16 19:22:18 +0000 |
commit | 3fe8636854e549a5033bfc4de7d0e00e8409bdb0 (patch) | |
tree | 9590fca60706f5bd269caebb77819f30d73f7e09 /data | |
parent | d076dc8fa9140aadae562ac2bc3af1185fe066d2 (diff) |
cron no-dsa
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11911 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 4 | ||||
-rw-r--r-- | data/ospu-candidates.txt | 7 | ||||
-rw-r--r-- | data/spu-candidates.txt | 5 |
3 files changed, 15 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 86368b8859..6260e8a6d2 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -19,7 +19,9 @@ CVE-2009-XXXX [eggdrop buffer overflow] - eggdrop 1.6.19-1.2 (medium; bug #528778) NOTE: CVE id request on oss-sec CVE-2009-XXXX [cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked] - - cron 3.0pl1-106 (medium; bug #528434) + - cron 3.0pl1-106 (low; bug #528434) + [lenny] - cron <no-dsa> (Minor issue) + [etch] - cron <no-dsa> (Minor issue) CVE-2009-1628 RESERVED CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) ...) diff --git a/data/ospu-candidates.txt b/data/ospu-candidates.txt index 0ef10d876b..dd1adbe0fa 100644 --- a/data/ospu-candidates.txt +++ b/data/ospu-candidates.txt @@ -125,8 +125,10 @@ chillispot notified maintainer -- + coccinelle http://packages.qa.debian.org/c/coccinelle/news/20090502T001704Z.html + -- comix (CVE-2008-1568) @@ -135,6 +137,11 @@ notified maintainer -- +cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked +#528434 + +-- + cupsys (CVE-2008-5377) -- diff --git a/data/spu-candidates.txt b/data/spu-candidates.txt index 2d516b199e..bd1fe7ee17 100644 --- a/data/spu-candidates.txt +++ b/data/spu-candidates.txt @@ -27,6 +27,11 @@ http://packages.qa.debian.org/c/coccinelle/news/20090502T001704Z.html -- +cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked +#528434 + +-- + kvm 82-1 (CVE-2008-5714) #509997 |