Author: nion
Date: 2009-05-13 22:30:27 + (Wed, 13 May 2009)
New Revision: 11895
Modified:
data/CVE/list
Log:
add squirrelmail impacts and patch information
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-13
Author: nion
Date: 2009-05-11 16:46:29 + (Mon, 11 May 2009)
New Revision: 11871
Modified:
data/CVE/list
Log:
CVE-2009-1513/CVE-2009-1438 fixed in libmodplug 1:0.8.7-1
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-05-11 17:23:12 + (Mon, 11 May 2009)
New Revision: 11872
Modified:
data/CVE/list
Log:
new zoneminder issue (CVE-2008-6755) unimportant
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-11
Author: nion
Date: 2009-05-11 17:47:43 + (Mon, 11 May 2009)
New Revision: 11874
Modified:
data/CVE/list
Log:
filed hex-a-hop bug
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-11 17:34:27 UTC (rev 11873)
+++
Author: nion
Date: 2009-05-11 17:34:27 + (Mon, 11 May 2009)
New Revision: 11873
Modified:
data/CVE/list
Log:
CVE-2008-6587 is NFU, this is an external plugin and vuze itself doesnt include
the vulnerable code
Modified: data/CVE/list
Author: nion
Date: 2009-05-09 15:05:48 + (Sat, 09 May 2009)
New Revision: 11851
Modified:
data/CVE/list
Log:
CVE-2009-1255 fixed in memcachedb 1.2.0-3
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-09 13:06:05
Author: nion
Date: 2009-05-09 17:01:57 + (Sat, 09 May 2009)
New Revision: 11852
Modified:
data/CVE/list
Log:
revert information for CVE-2008-6792
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-09 15:05:48 UTC
Author: nion
Date: 2009-05-09 17:35:01 + (Sat, 09 May 2009)
New Revision: 11853
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
CVE-2009-0757 doesnt affect etch/lenny
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-05-09 17:37:40 + (Sat, 09 May 2009)
New Revision: 11854
Modified:
doc/narrative_introduction
Log:
add link to important notice mail to narrative introduction
Modified: doc/narrative_introduction
===
Author: nion
Date: 2009-05-09 17:43:13 + (Sat, 09 May 2009)
New Revision: 11855
Modified:
data/CVE/list
Log:
chrome is not debian but chromium has an itp, please check if this is a
chromium specific issue
Modified: data/CVE/list
Author: nion
Date: 2009-05-07 10:35:48 + (Thu, 07 May 2009)
New Revision: 11830
Modified:
data/CVE/list
Log:
adjust severity for jetty issue, the package only being in unstable is no
reason for the issue being unimportant
Modified: data/CVE/list
...)
- TODO: check
+ - sendmail not-affected (Vulnerable versions too old)
If the version which had this bug was way older, please
fill in the version that fixes it instead of marking it as
not-affected.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
Author: nion
Date: 2009-05-06 12:07:29 + (Wed, 06 May 2009)
New Revision: 11810
Modified:
data/DTSA/list
Log:
DTSA-199-1 (apt)
Modified: data/DTSA/list
===
--- data/DTSA/list 2009-05-06 11:47:14 UTC (rev 11809)
+++
Author: nion
Date: 2009-05-06 12:17:59 + (Wed, 06 May 2009)
New Revision: 11811
Modified:
data/DTSA/list
Log:
adjust date
Modified: data/DTSA/list
===
--- data/DTSA/list 2009-05-06 12:07:29 UTC (rev 11810)
+++
Author: nion
Date: 2009-05-06 12:27:24 + (Wed, 06 May 2009)
New Revision: 11812
Modified:
data/CVE/list
Log:
CVE-2009-1364 fixed in libwmf 0.2.8.4-6.1
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-06 12:17:59
Author: nion
Date: 2009-05-05 12:59:08 + (Tue, 05 May 2009)
New Revision: 11788
Modified:
data/CVE/list
Log:
CVE-2009-1494 fixed in memcached 1.2.8-1, but unimportant
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-05-05 13:05:42 + (Tue, 05 May 2009)
New Revision: 11789
Modified:
data/CVE/list
Log:
CVE-2009-1515 fixed in file 5.02-1
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-05 12:59:08 UTC (rev
Author: nion
Date: 2009-05-05 13:14:46 + (Tue, 05 May 2009)
New Revision: 11790
Modified:
data/embedded-code-copies
Log:
libwmf embeds gd
Modified: data/embedded-code-copies
===
--- data/embedded-code-copies 2009-05-05
Author: nion
Date: 2009-05-05 14:11:37 + (Tue, 05 May 2009)
New Revision: 11791
Modified:
data/CVE/list
Log:
- NFUs
- new libmodplug issue (CVE-2009-1438), also present in gst-plugins-bad0.10 as
it embeds libmodplug
Modified: data/CVE/list
Author: nion
Date: 2009-05-05 14:21:02 + (Tue, 05 May 2009)
New Revision: 11792
Modified:
data/CVE/list
Log:
another libmodplug buffer overflow
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-05 14:11:37 UTC (rev
Author: nion
Date: 2009-05-05 14:28:10 + (Tue, 05 May 2009)
New Revision: 11793
Modified:
data/CVE/list
Log:
new clamav init script issue doesnt affect us
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-05
Author: nion
Date: 2009-05-05 14:42:28 + (Tue, 05 May 2009)
New Revision: 11794
Modified:
data/CVE/list
Log:
- new kfreebsd-7 issue doesn't affect us
- CVE-2009-14[15-17] fixed ingnutls26 2.6.6-1, -15 and -16 don't affect
etch/lenny
Modified: data/CVE/list
Author: nion
Date: 2009-05-05 15:03:55 + (Tue, 05 May 2009)
New Revision: 11795
Modified:
data/CVE/list
Log:
new issue in xvfb (xorg-server), no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-05 14:42:28 UTC
Author: nion
Date: 2009-05-04 14:25:56 + (Mon, 04 May 2009)
New Revision: 11773
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
kfreebsd spu preparation
Modified: data/CVE/list
===
--- data/CVE/list 2009-05-04
Author: nion
Date: 2009-05-04 17:31:20 + (Mon, 04 May 2009)
New Revision: 11774
Modified:
data/DTSA/list
Log:
DTSA-198-1 \o/
Modified: data/DTSA/list
===
--- data/DTSA/list 2009-05-04 14:25:56 UTC (rev 11773)
+++
Hi,
* Michael S. Gilbert michael.s.gilb...@gmail.com [2009-04-30 11:14]:
On Wed, 29 Apr 2009 18:38:27 + Nico Golde wrote:
Author: nion
Date: 2009-04-29 18:38:27 + (Wed, 29 Apr 2009)
New Revision: 11743
Modified:
data/CVE/list
Log:
- NFUs
- cveified amule
- chrome
Author: nion
Date: 2009-04-30 17:39:06 + (Thu, 30 Apr 2009)
New Revision: 11746
Modified:
data/DSA/list
Log:
add DSA-1783-1
Modified: data/DSA/list
===
--- data/DSA/list 2009-04-30 14:46:31 UTC (rev 11745)
+++
Author: nion
Date: 2009-04-25 15:09:20 + (Sat, 25 Apr 2009)
New Revision: 11715
Modified:
data/CVE/list
Log:
CVE-2009-0664 fixed in mahara 1.1.3-1
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-24 21:14:19 UTC
Author: nion
Date: 2009-04-24 09:52:42 + (Fri, 24 Apr 2009)
New Revision: 11709
Modified:
data/CVE/list
Log:
clamav cveified
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-24 03:47:32 UTC (rev 11708)
+++
Author: nion
Date: 2009-04-24 10:15:19 + (Fri, 24 Apr 2009)
New Revision: 11710
Modified:
data/CVE/list
Log:
adjust /dev/mem rootkit impact again, we don't track things that are no
vulnerability by itself
Modified: data/CVE/list
Author: nion
Date: 2009-04-24 15:49:30 + (Fri, 24 Apr 2009)
New Revision: 11711
Modified:
data/CVE/list
data/NMU/list
Log:
CVE-2009-0946 fixed in freetype 2.3.9-4.1
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-04-23 19:05:21 + (Thu, 23 Apr 2009)
New Revision: 11699
Modified:
data/CVE/list
Log:
CVE-2006-4245 fixed in archivemail 0.6.2-2
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-23 15:44:30
Author: nion
Date: 2009-04-23 19:34:11 + (Thu, 23 Apr 2009)
New Revision: 11700
Modified:
data/CVE/list
Log:
NFUs, short note to CVE-2009-1266
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-23 19:05:21 UTC (rev
Author: nion
Date: 2009-04-23 19:45:39 + (Thu, 23 Apr 2009)
New Revision: 11701
Modified:
data/CVE/list
Log:
roundup issue fixed in 1.4.4-4+lenny1, looks like the maintainer accidently
uploaded to unstable
Modified: data/CVE/list
Author: nion
Date: 2009-04-23 19:48:33 + (Thu, 23 Apr 2009)
New Revision: 11702
Modified:
data/CVE/list
Log:
ogle removed
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-23 19:45:39 UTC (rev 11701)
+++
Author: nion
Date: 2009-04-22 16:20:24 + (Wed, 22 Apr 2009)
New Revision: 11690
Modified:
data/CVE/list
Log:
CVE-2008-5619 fixed in mahara 1.1.3-1
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-22 06:42:47 UTC
Author: nion
Date: 2009-04-22 16:22:41 + (Wed, 22 Apr 2009)
New Revision: 11691
Modified:
data/CVE/list
Log:
CVE-2008-5619 update not-affected info for lenny
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-22
Author: nion
Date: 2009-04-21 21:51:31 + (Tue, 21 Apr 2009)
New Revision: 11680
Modified:
data/CVE/list
Log:
CVE-2007-6725 silently fixed in 8.63.dfsg.1-1, working on the other unfixed
issues for unstable
Modified: data/CVE/list
Author: nion
Date: 2009-04-21 21:56:53 + (Tue, 21 Apr 2009)
New Revision: 11681
Modified:
data/CVE/list
Log:
CVE-2008-6679 also fixed (8.64~dfsg-1) *grr*
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-21 21:51:31
Author: nion
Date: 2009-04-21 23:56:26 + (Tue, 21 Apr 2009)
New Revision: 11683
Modified:
data/CVE/list
data/NMU/list
Log:
CVE-2009-0792,CVE-2009-058{3,4},CVE-2009-0196 fixed in ghostscript 8.64~dfsg-1.1
Modified: data/CVE/list
Author: nion
Date: 2009-04-22 00:16:46 + (Wed, 22 Apr 2009)
New Revision: 11684
Modified:
data/CVE/list
Log:
new amule issue
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-21 23:56:26 UTC (rev 11683)
+++
Author: nion
Date: 2009-04-22 00:43:41 + (Wed, 22 Apr 2009)
New Revision: 11685
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-22 00:16:46 UTC (rev 11684)
+++ data/CVE/list
Author: nion
Date: 2009-04-22 03:59:01 + (Wed, 22 Apr 2009)
New Revision: 11686
Modified:
data/CVE/list
Log:
spip is back in the archive, CVE-2005-4494 fixed long ago
Modified: data/CVE/list
===
--- data/CVE/list
, can't find any
sources of this extension in typo3-src.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpAbNzvemhxy.pgp
Description: PGP signature
Author: nion
Date: 2009-04-22 04:06:07 + (Wed, 22 Apr 2009)
New Revision: 11687
Modified:
data/CVE/list
Log:
CVE-2008-6594 is NFU, wrongly tagged
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-22 03:59:01 UTC
Author: nion
Date: 2009-04-22 04:20:28 + (Wed, 22 Apr 2009)
New Revision: 11688
Modified:
data/CVE/list
Log:
CVE-2009-1274 fixed in xine-lib 1.1.16.3-1
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-22 04:06:07
Author: nion
Date: 2009-04-20 19:16:40 + (Mon, 20 Apr 2009)
New Revision: 11667
Modified:
data/CVE/list
Log:
CVE-2008-6235 already fixed in vim 2:7.2.148-1
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-20
Author: nion
Date: 2009-04-20 19:53:01 + (Mon, 20 Apr 2009)
New Revision: 11668
Modified:
data/CVE/list
Log:
CVE-2009-0792 fixed in argyll 1.0.3-3, ghostscript bug filed, adjusted impact
Modified: data/CVE/list
===
---
Author: nion
Date: 2009-04-20 20:12:42 + (Mon, 20 Apr 2009)
New Revision: 11669
Modified:
data/package-tags
Log:
add vmware-package to the list of unsupported packages
Modified: data/package-tags
===
--- data/package-tags
Author: nion
Date: 2009-04-20 20:48:25 + (Mon, 20 Apr 2009)
New Revision: 11670
Modified:
data/CVE/list
Log:
new freetype issue (CVE-2009-0946)
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-20 20:12:42 UTC (rev
Author: nion
Date: 2009-04-20 21:57:47 + (Mon, 20 Apr 2009)
New Revision: 11672
Modified:
data/CVE/list
Log:
- CVE-2008-6505 doesn't affect struts in Debian
- NFUs
Modified: data/CVE/list
===
--- data/CVE/list
Hi,
* Kees Cook k...@ubuntu.com [2009-04-17 18:38]:
On Fri, Apr 17, 2009 at 10:57:38AM -0400, Michael S. Gilbert wrote:
On Fri, 17 Apr 2009 11:30:19 +0200, Nico Golde wrote:
* Kees Cook k...@alioth.debian.org [2009-04-17 09:59]:
Author: kees
Date: 2009-04-17 01:25:52 + (Fri, 17
and add the ids to the DSA
list. This should be a lot cleaner.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpdFlL9yN79k.pgp
Description: PGP signature
Author: nion
Date: 2009-04-17 11:01:09 + (Fri, 17 Apr 2009)
New Revision: 11642
Modified:
data/CVE/list
Log:
add some old missing fixes
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-17 10:12:38 UTC (rev 11641)
Author: nion
Date: 2009-04-17 12:07:38 + (Fri, 17 Apr 2009)
New Revision: 11643
Modified:
data/CVE/list
Log:
- CVE-2009-1273 doesn't affect us
- CVE-2009-0587 fixed in evolution-data-server 2.24.5-2
- CVE-2008-4308 fixed in tomcat5.5 5.5.23-1
Modified: data/CVE/list
discussion of this until you
switch this on again. It's not that we were too lazy or to
unskilled so far to play with soap and mark fixed bugs
automatically in the tracker but as far as I can tell this
wasn't done on purpose.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de
Author: nion
Date: 2009-04-11 21:08:37 + (Sat, 11 Apr 2009)
New Revision: 11608
Modified:
data/CVE/list
Log:
clamav fixes
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-11 14:39:03 UTC (rev 11607)
+++
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgps41Y5RizXs.pgp
Description: PGP signature
___
Secure-testing-commits mailing list
Secure-testing
Author: nion
Date: 2009-04-09 14:05:17 + (Thu, 09 Apr 2009)
New Revision: 11598
Modified:
data/CVE/list
Log:
update status for destar, CVE-2008-6538 doesnt affect us
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-04-08 14:15:32 + (Wed, 08 Apr 2009)
New Revision: 11588
Modified:
data/CVE/list
data/NMU/list
Log:
CVE-2009-0642 fixed in 1.8.7.72-3.1
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-08
Author: nion
Date: 2009-04-08 14:30:52 + (Wed, 08 Apr 2009)
New Revision: 11589
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-08 14:15:32 UTC (rev 11588)
+++ data/CVE/list
Author: nion
Date: 2009-04-09 00:21:00 + (Thu, 09 Apr 2009)
New Revision: 11592
Modified:
data/CVE/list
Log:
CVE-2009-08[44-46] fixed in krb5 1.6.dfsg.4~beta1-13
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-08
Author: nion
Date: 2009-04-09 00:41:43 + (Thu, 09 Apr 2009)
New Revision: 11593
Modified:
data/CVE/list
Log:
clamav cveified
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-09 00:21:00 UTC (rev 11592)
+++
Author: nion
Date: 2009-04-07 12:25:53 + (Tue, 07 Apr 2009)
New Revision: 11572
Modified:
data/CVE/list
Log:
CVE-2009-0115 fixed in multipath-tools 0.4.8-15
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-06
Author: nion
Date: 2009-04-07 14:04:18 + (Tue, 07 Apr 2009)
New Revision: 11573
Modified:
data/CVE/list
data/NMU/list
Log:
CVE-2009-0642 fixed in ruby1.9 1.9.0.2-9.1, rub1.8 bugs added, nmu on its way
Modified: data/CVE/list
Author: nion
Date: 2009-04-07 14:54:17 + (Tue, 07 Apr 2009)
New Revision: 11574
Modified:
data/CVE/list
Log:
new/old clamav issue fixed in 0.95+dfsg-1 (CVE-2009-1241)
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-04-08 01:16:37 + (Wed, 08 Apr 2009)
New Revision: 11582
Modified:
data/DSA/list
Log:
add CVE-2008-6125 to DSA-1724-1
Modified: data/DSA/list
===
--- data/DSA/list 2009-04-07 23:13:19 UTC (rev
Author: nion
Date: 2009-04-06 10:24:06 + (Mon, 06 Apr 2009)
New Revision: 11565
Modified:
data/embedded-code-copies
Log:
kdegraphics is linking against poppler now
Modified: data/embedded-code-copies
===
---
Author: nion
Date: 2009-04-06 16:07:20 + (Mon, 06 Apr 2009)
New Revision: 11566
Modified:
data/CVE/list
Log:
CVE-2009-0547 affects evolution-data-server not evolution, fixed in 2.24.5-2
Modified: data/CVE/list
===
---
Author: nion
Date: 2009-04-06 16:12:03 + (Mon, 06 Apr 2009)
New Revision: 11567
Modified:
data/CVE/list
Log:
spip made it back into debian with a lot of fixed issues
Modified: data/CVE/list
===
--- data/CVE/list
Author: nion
Date: 2009-04-06 16:40:24 + (Mon, 06 Apr 2009)
New Revision: 11569
Modified:
data/CVE/list
Log:
new xine issue
Modified: data/CVE/list
===
--- data/CVE/list 2009-04-06 16:26:36 UTC (rev 11568)
+++
Author: nion
Date: 2009-04-06 17:28:18 + (Mon, 06 Apr 2009)
New Revision: 11570
Modified:
data/CVE/list
Log:
- NFU
- CVE-2008-654{8,9} fixed in moin 1.6.2-1
- CVE-2008-653{2,3} fixed in drupal6/drupal5 6.9-1/5.14-1
- CVE-2009-0364 fixed in webcit 7.38b-dfsg-2
- new multipath-tools issue
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpiruLlWIVTc.pgp
Description: PGP signature
___
Secure-testing-commits mailing list
Secure-testing
:)
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpQ1czxPDj9r.pgp
Description: PGP signature
___
Secure-testing-commits mailing list
Secure
/
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpGRqN2zX6k3.pgp
Description: PGP signature
___
Secure-testing-commits mailing list
Secure
Hi Dominic,
* Dominic Hargreaves [EMAIL PROTECTED] [2007-12-07 17:59]:
On Fri, Dec 07, 2007 at 05:35:06PM +0100, Nico Golde wrote:
[...]
Please read the narrative_introduction before commiting to
the svn, please. sarge entries need a sarge tag.
D'oh, apologies. Missed that point. I think
see)
is not fixed in unstable.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpbRU4XzXbNX.pgp
Description: PGP signature
___
Secure
this out. I must have missed the
modifications to it, originally I wrote this paragraph and
it said that you have to check using make check-syntax.
I somehow missed this wasn't the case anymore.
Thanks you!
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
501 - 578 of 578 matches
Mail list logo