'[oss-security] CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire
From:       Robert Buchholz <rbu () gentoo ! org>
Date:       2008-10-30 21:53:29
Message-ID: 200810302253.40409.rbu () gentoo ! org
[Download RAW message or body]


Hi,

Gentoo could need CVEs for some more of the insecure tempfile issues 
found by Debian. For others, we have gathered a list of all the bugs 
created at our tracker https://bugs.gentoo.org/show_bug.cgi?id=235770

* aview
DEBIAN: http://bugs.debian.org/496422
GENTOO: https://bugs.gentoo.org/235808
FILES: asciiview
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/aview

* mgetty
DEBIAN: http://bugs.debian.org/496403
GENTOO: https://bugs.gentoo.org/235806
FILES: faxspool
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/mgetty-fax

* openoffice.org
DEBIAN: http://bugs.debian.org/496361
GENTOO: https://bugs.gentoo.org/235824
http://www.securityfocus.com/bid/30925
FILES: senddoc
CODE: 
http://dev.gentoo.org/~rbu/security/debiantemp/openoffice.org-common
   [etch] - openoffice.org <not-affected> (Vulnerable code not present)
   NOTE: also not present in 3.0.0, only in 2.4.1. Fix pending upload.

* crossfire
DEBIAN: http://bugs.debian.org/496358
GENTOO: https://bugs.gentoo.org/236205
FILES: combine.pl
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/crossfire-maps


Robert

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic