Author: jmm-guest
Date: 2005-09-28 10:22:39 +0000 (Wed, 28 Sep 2005)
New Revision: 2206
Modified:
data/CAN/list
Log:
new sudo issue; dump fixed
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-09-28 10:09:48 UTC (rev 2205)
+++ data/CAN/list 2005-09-28 10:22:39 UTC (rev 2206)
@@ -250,8 +250,9 @@
RESERVED
CAN-2005-2960
RESERVED
-CAN-2005-2959
+CAN-2005-2959 [Sudo does not sanitize SHELLOPTS and PS4 shell env vars before
starting sudoed apps]
RESERVED
+ - sudo 1.6.8p9-3 (medium)
CAN-2005-2958
RESERVED
CAN-2005-2957 (Stack-based buffer overflow in AVIRA Desktop for Windows
1.00.00.68 ...)
@@ -3419,7 +3420,7 @@
NOTE: exploitability using this hole.
- dpkg 1.13.11 (bug #317967; medium)
- zsync 0.4.0-2 (medium)
- - dump <unfixed> (bug #317966; medium)
+ - dump 0.4b40-1 (bug #317966; medium)
- aide 0.10-6.1.1 (bug #317523; medium)
- amd64-libs <unfixed> (bug #317970; medium)
- ia32-libs <unfixed> (bug #317971; medium)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
