oss-security - CVE requests: freebsd kernel/tesseract/xinha/proftpd

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <20110221183952.GD3901@pisco.westfalen.local>
Date: Mon, 21 Feb 2011 19:39:52 +0100
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE requests: freebsd kernel/tesseract/xinha/proftpd

Hi,
Please assign CVE IDs for the following issues from the Debian
Security Tracker:

1. FreeBSD kernel: local DoS
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613312
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611476
http://www.exploit-db.com/exploits/16064/
http://svn.debian.org/wsvn/glibc-bsd/branches/squeeze/kfreebsd-8/debian/patches/000_tcp_usrreq.diff

2. Xinha: Multiple vulnerabilities
(The code is included in a few web apps, e.g. serendipity, openacs or dotlrn)
http://secunia.com/advisories/40669/

3. tesseract: Insecure temp file handling
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612032

4. proftpd mod_sftp integer overflow
http://bugs.proftpd.org/show_bug.cgi?id=3586
http://www.exploit-db.com/exploits/16129/

Cheers,
        Moritz

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.