From: Tim Abbott Date: Fri, 12 Dec 2008 15:41:04 +0000 (-0500) Subject: (no commit message) X-Git-Tag: trac~115 X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/commitdiff_plain/6716779fa28d5f9649b844483fc32ed012ea2617 --- diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll index b8096a7..7a5ad7f 100644 --- a/doc/LennyBugsAll +++ b/doc/LennyBugsAll @@ -157,10 +157,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript] in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1] "epiphany-webkit: Crashes at startup whenever I go to a site." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] -in [http://packages.debian.org/lenny/egroupware-core egroupware-core] -"CVE-2007-3215: phpmailer issue (embedded code-copy)" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl] "libtemplate-perl: Upgrade from etch breaks code using DBI plugins" @@ -181,42 +177,22 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] "gnu-fdisk: wipes out MBR when used on GPT partitions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] -in [http://packages.debian.org/lenny/wordpress wordpress] -"wordpress can be subject of delayed attacks via cookies" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in [http://packages.debian.org/lenny/network-manager network-manager] "Updating to lenny failed when NetworkManager got updated" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] -in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] -"ffmpeg-debian: Several security issues" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in [http://packages.debian.org/lenny/snmpd snmpd] "/etc/init.d/snmpd start reports error if already running" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] -in [http://packages.debian.org/lenny/icedove icedove] -"Mozilla Thunderbird Multiple Vulnerabilities" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] in [http://packages.debian.org/lenny/splashy splashy] "splashy: Splashy fails to install due to missing default theme" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] -in [http://packages.debian.org/lenny/mailscanner mailscanner] -"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] in [http://packages.debian.org/lenny/xml2rfc xml2rfc] "Yet another boilerplate change" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] -in [http://packages.debian.org/lenny/wireshark wireshark] -"wireshark: DoS caused by sending a SMTP request with large content" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in [http://packages.debian.org/lenny/rtorrent rtorrent] "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')" @@ -237,14 +213,6 @@ in [http://packages.debian.org/lenny/open-iscsi open-iscsi] in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools] "initramfs-tools: Wrong check for udevadm in functions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] -in [http://packages.debian.org/lenny/xine-lib xine-lib] -"xine-lib: CVE-2008-5242 heap-based buffer overflow" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184] -in [http://packages.debian.org/lenny/xine-lib xine-lib] -"xine-lib: CVE-2008-5246 heap overflow" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] in [http://packages.debian.org/lenny/release.debian.org release.debian.org] "RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" @@ -258,6 +226,40 @@ in [http://packages.debian.org/lenny/smarty smarty] "smarty: Non-free logo included in package" += Unclassified Security = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] +in [http://packages.debian.org/lenny/icedove icedove] +"Mozilla Thunderbird Multiple Vulnerabilities" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] +in [http://packages.debian.org/lenny/mailscanner mailscanner] +"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] +in [http://packages.debian.org/lenny/xine-lib xine-lib] +"xine-lib: CVE-2008-5242 heap-based buffer overflow" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184] +in [http://packages.debian.org/lenny/xine-lib xine-lib] +"xine-lib: CVE-2008-5246 heap overflow" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] +in [http://packages.debian.org/lenny/wireshark wireshark] +"wireshark: DoS caused by sending a SMTP request with large content" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] +in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] +"ffmpeg-debian: Several security issues" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] +in [http://packages.debian.org/lenny/wordpress wordpress] +"wordpress can be subject of delayed attacks via cookies" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] +in [http://packages.debian.org/lenny/egroupware-core egroupware-core] +"CVE-2007-3215: phpmailer issue (embedded code-copy)" + = Fresh bugs = These are very recent and presumably will get dealt with by the package maintainers without help.