[Secure-testing-commits] r5506 - data/CVE

Stefan Fritsch Sun, 04 Mar 2007 08:16:35 -0800

Author: stef-guest
Date: 2007-03-04 16:16:29 +0000 (Sun, 04 Mar 2007)
New Revision: 5506


Modified:
   data/CVE/list
Log:
- new putty issue
- dropbear fixed in etch


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-03-04 13:36:01 UTC (rev 5505)
+++ data/CVE/list       2007-03-04 16:16:29 UTC (rev 5506)
@@ -1,3 +1,6 @@
+CVE-2007-XXXX [puttygen can create world-readable private keys]
+       - putty <unfixed> (bug #400804; low)
+       [sarge] - putty <no-dsa> (minor issue)
 CVE-2007-XXXX [asterisk remote SIP security hole]
        - asterisk 1:1.2.16~dfsg-1
 CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote 
attackers to ...)
@@ -128,6 +131,7 @@
        NOT-FOR-US: Pickle
 CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not 
sufficiently warn ...)
        - dropbear 0.49-1 (bug #412899)
+       [etch] - dropbear 0.48.1-2
 CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 
have ...)
        NOT-FOR-US: ScryMUD
 CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 
0.11.1 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5506 - data/CVE

Reply via email to