[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire
From: Robert Buchholz <rbu () gentoo ! org>
Date: 2008-10-30 21:53:29
Message-ID: 200810302253.40409.rbu () gentoo ! org
[Download RAW message or body]
Hi,
Gentoo could need CVEs for some more of the insecure tempfile issues
found by Debian. For others, we have gathered a list of all the bugs
created at our tracker https://bugs.gentoo.org/show_bug.cgi?id=235770
* aview
DEBIAN: http://bugs.debian.org/496422
GENTOO: https://bugs.gentoo.org/235808
FILES: asciiview
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/aview
* mgetty
DEBIAN: http://bugs.debian.org/496403
GENTOO: https://bugs.gentoo.org/235806
FILES: faxspool
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/mgetty-fax
* openoffice.org
DEBIAN: http://bugs.debian.org/496361
GENTOO: https://bugs.gentoo.org/235824
http://www.securityfocus.com/bid/30925
FILES: senddoc
CODE:
http://dev.gentoo.org/~rbu/security/debiantemp/openoffice.org-common
[etch] - openoffice.org <not-affected> (Vulnerable code not present)
NOTE: also not present in 3.0.0, only in 2.4.1. Fix pending upload.
* crossfire
DEBIAN: http://bugs.debian.org/496358
GENTOO: https://bugs.gentoo.org/236205
FILES: combine.pl
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/crossfire-maps
Robert
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic