Message-Id: <200810302253.40409.rbu@gentoo.org> Date: 2008年10月30日 22:53:29 +0100 From: Robert Buchholz <rbu@...too.org> To: oss-security <oss-security@...ts.openwall.com> Subject: CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire Hi, Gentoo could need CVEs for some more of the insecure tempfile issues found by Debian. For others, we have gathered a list of all the bugs created at our tracker https://bugs.gentoo.org/show_bug.cgi?id=235770 * aview DEBIAN: http://bugs.debian.org/496422 GENTOO: https://bugs.gentoo.org/235808 FILES: asciiview CODE: http://dev.gentoo.org/~rbu/security/debiantemp/aview * mgetty DEBIAN: http://bugs.debian.org/496403 GENTOO: https://bugs.gentoo.org/235806 FILES: faxspool CODE: http://dev.gentoo.org/~rbu/security/debiantemp/mgetty-fax * openoffice.org DEBIAN: http://bugs.debian.org/496361 GENTOO: https://bugs.gentoo.org/235824 http://www.securityfocus.com/bid/30925 FILES: senddoc CODE: http://dev.gentoo.org/~rbu/security/debiantemp/openoffice.org-common [etch] - openoffice.org <not-affected> (Vulnerable code not present) NOTE: also not present in 3.0.0, only in 2.4.1. Fix pending upload. * crossfire DEBIAN: http://bugs.debian.org/496358 GENTOO: https://bugs.gentoo.org/236205 FILES: combine.pl CODE: http://dev.gentoo.org/~rbu/security/debiantemp/crossfire-maps Robert Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.