(no commit message)
[wiki.git] / doc / LennyBugsAll
index b8096a7cf342333565590b6ef898b50ed6f4ad26..7a5ad7f46522bb789c8bd42ef1ee497613f69817 100644 (file)
@@ -157,10 +157,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript]
 in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
 "epiphany-webkit: Crashes at startup whenever I go to a site."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
-in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373]
 in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl]
 "libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
@@ -181,42 +177,22 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac
 in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
 "gnu-fdisk: wipes out MBR when used on GPT partitions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
 in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
-in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
-"ffmpeg-debian: Several security issues"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
 in [http://packages.debian.org/lenny/snmpd snmpd]
 "/etc/init.d/snmpd start reports error if already running"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
-in [http://packages.debian.org/lenny/icedove icedove]
-"Mozilla Thunderbird Multiple Vulnerabilities"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
 in [http://packages.debian.org/lenny/splashy splashy]
 "splashy: Splashy fails to install due to missing default theme"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
 in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
 "Yet another boilerplate change"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
-in [http://packages.debian.org/lenny/wireshark wireshark]
-"wireshark: DoS caused by sending a SMTP request with large content"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
 in [http://packages.debian.org/lenny/rtorrent rtorrent]
 "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
@@ -237,14 +213,6 @@ in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
 in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "initramfs-tools: Wrong check for udevadm in functions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
-in [http://packages.debian.org/lenny/xine-lib xine-lib]
-"xine-lib: CVE-2008-5242 heap-based buffer overflow"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184]
-in [http://packages.debian.org/lenny/xine-lib xine-lib]
-"xine-lib: CVE-2008-5246 heap overflow"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
 in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
 "RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
@@ -258,6 +226,40 @@ in [http://packages.debian.org/lenny/smarty smarty]
 "smarty: Non-free logo included in package"
 
 
+= Unclassified Security =
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
+in [http://packages.debian.org/lenny/icedove icedove]
+"Mozilla Thunderbird Multiple Vulnerabilities"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
+"xine-lib: CVE-2008-5242 heap-based buffer overflow"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
+"xine-lib: CVE-2008-5246 heap overflow"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
+in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
+"ffmpeg-debian: Several security issues"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
+
 = Fresh bugs =
 
 These are very recent and presumably will get dealt with by the package maintainers without help.