author: Michael Gilbert <michael.s.gilbert@gmail.com> 2011-01-18 02:17:49 +0000
committer: Michael Gilbert <michael.s.gilbert@gmail.com> 2011-01-18 02:17:49 +0000
commit: 38f772f944cd74e3600ed4a6eb178feec8e87b3f
tree: 00cada108e0c7961b717b8f80f85f6dae1f1c7b8 /doc/historic/tmp.txt
parent: 48ccbc6631eed19011cda1e4ec1ccdb215028481
create a historic document dir and move a bunch of outdated stuff there
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@15917 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc/historic/tmp.txt')
-rw-r--r-- doc/historic/tmp.txt 104
1 files changed, 104 insertions, 0 deletions
diff --git a/doc/historic/tmp.txt b/doc/historic/tmp.txt
new file mode 100644
index 0000000000..ab0f025ade
--- /dev/null
+++ b/doc/historic/tmp.txt
@@ -0,0 +1,104 @@
+- Make sure the issue is tracked in the tracker
+- Criteria for potential DSA: Typically used as root, typically used
+ on multiuser system, non-fringe, real world use case (i.e no debug,
+ no examples)
+- This is the initial batch reported by Dmitry, but there might have
+ been followups? We should check this, I haven't caught up with
+ mail backlog
+- While some issues might not warrant a DSA for Etch, we should be
+ a little more aggressive on maintainters not following up for
+ Lenny and rather go for removal in such cases
+- Since stable updates can be made by any DD we could also advertise
+ this on debian-devel to find a volunteer if the respective
+ maintainers are too busy
+- I think we only need CVE IDs for issues fixed in a DSA or through
+ a point update, oss-security should be better than a CNA pool since
+ there's a risk of collisions
+
+
+
+DSA: (Name in brackets if someone prepares a DSA)
+ Binary-package: qemu (0.9.1-5) (CVE-2008-4553) (white)
+
+
+SPU:
+ Binary-package: ibackup (2.27-4.1) (CVE-2008-4475)
+ Binary-package: sympa (5.3.4-5) (CVE-2008-4476)
+ Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4) (CVE-2008-4474)
+ Binary-package: fwbuilder (2.1.19-3) (CVE requested)
+ Binary-package: aegis-web (4.24-3) (CVE requested)
+ Binary-package: rancid-util (2.3.2~a8-1) (CVE requested)
+ Binary-package: fml (4.0.3.dfsg-2) (CVE requested)
+ Binary-package: gdrae (0.1-1) (CVE requested)
+ Binary-package: cdrw-taper (0.4-2)
+ Binary-package: digitaldj (0.7.5-6+b1)
+ Binary-package: xastir (1.9.2-1)
+ Binary-package: aview (1.3.0rc1-8)
+ Binary-package: xcal (4.1-18.3)
+ Binary-package: mgt (2.31-5)
+ Binary-package: sng (1.0.2-5)
+ Binary-package: cdcontrol (1.90-1.1)
+ Binary-package: apertium (3.0.7+1-1+b1)
+ Binary-package: rccp (0.9-2)
+ Binary-package: xmcd (2.6-19.3)
+ Binary-package: xsabre (0.2.4b-23) (CVE-2008-4407)
+ Binary-package: realtimebattle-common (1.0.8-2)
+ Binary-package: cman (2.20080629-1)
+ Binary-package: wims (3.62-13)
+ Binary-package: konwert-filters (1.8-11.1)
+ Binary-package: crossfire-maps (1.11.0-1)
+ Binary-package: sgml2x (1.0.0-11.1)
+ Binary-package: xen-utils-3.2-1 (3.2.1-2)
+ Binary-package: myspell-tools (1:3.1-20)
+ Binary-package: emacs-jabber (0.7.91-1)
+ Binary-package: audiolink (0.05-1)
+ Binary-package: impose+ (0.2-11)
+ Binary-package: emacspeak (26.0-3) (CVE-2008-4191)
+ Binary-package: netmrg (0.20-1)
+ Binary-package: r-base-core (2.7.1-1) (CVE-2008-3931)
+ Binary-package: dist (1:3.5-17-1)
+ Binary-package: gpsdrive-scripts (2.10~pre4-3)
+ Binary-package: rkhunter (1.3.2-3)
+ Binary-package: mgetty-fax (1.1.36-1.2)
+
+Non-issues (not exploitable, only examples or very exotic use cases,
+e.g. only exploitable when debugging a certain option, not present
+in Etch or only exploitable during package build time):
+ Binary-package: ogle-mmx (0.9.2-5.2)
+ Binary-package: ogle (0.9.2-5.2)
+ Binary-package: openoffice.org-common (1:2.4.1-6)
+ Binary-package: postfix (2.5.2-2)
+ Binary-package: tiger (1:3.2.2-3.1)
+ Binary-package: linuxtrade (3.65-8+b4)
+ Binary-package: arb-common (0.0.20071207.1-4)
+ Binary-package: scratchbox2 (1.99.0.24-1)
+ Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1)
+ Binary-package: firehol (1.256-4)
+ Binary-package: mafft (6.240-1)
+ Binary-package: liguidsoap (0.3.6-4)
+ Binary-package: ampache (3.4.1-1)
+ Binary-package: scilab-bin (4.1.2-5)
+ Binary-package: bk2site (1:1.1.9-3.1)
+ Binary-package: freevo (1.8.1-0)
+ Binary-package: dpkg-cross (2.3.0)
+ Binary-package: initramfs-tools (0.92f)
+ Binary-package: datafreedom-perl (0.1.7-1)
+ Binary-package: printfilters-ppd (2.13-9)
+ Binary-package: sendmail-base (8.14.3-5)
+ Binary-package: gccxml (0.9.0+cvs20080525-1)
+ Binary-package: aegis (4.24-3)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
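Review bot: the new file opens directly with the checklist bullet "Make sure the issue is tracked in the tracker" and has no title saying which class of issue this triage list covers or when it was compiled. Now that it is archived under doc/historic/ with the name tmp.txt, a short header giving the topic, the date of the review and the releases it refers to (the notes mention Etch and Lenny) would make it readable as a record. Smaller points in the same hunk: several SPU entries still read "(CVE requested)" with no outcome recorded, "maintainters" in the fourth bullet is misspelled, "liguidsoap" in the non-issues list looks like a typo for liquidsoap, and the run of empty lines after the final "aegis (4.24-3)" entry can be trimmed.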
