[Secure-testing-commits] r159 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Fri, 03 Dec 2004 12:39:44 -0700
Author: joeyh
Date: 2004-12-03 12:38:54 -0700 (Fri, 03 Dec 2004)
New Revision: 159
Added:
sarge-checks/CAN/update.pl
Removed:
sarge-checks/CAN/makelist.pl
Modified:
sarge-checks/CAN/list
Log:
Modify makelist.pl into update.pl, which will merge in CAN and DSA updates
into the list.
Updated the list with it. This resulted in a lot of changes due to:
- DSA link format changing
- some formatting fixes
- previously reserved CANs no longer reserved
Eyballed the changed, they look ok.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-12-03 18:53:27 UTC (rev 158)
+++ sarge-checks/CAN/list 2004-12-03 19:38:54 UTC (rev 159)
@@ -25,8 +25,10 @@
CAN-2004-1053
NOTE: not-for-us (fetch on FreeBSD)
CAN-2004-1052
+ {DSA-595-1}
NOTE: bnc is not in sarge or unstable (is in woody)
CAN-2004-1051
+ {DSA-596-2 DSA-596-1}
- sudo 1.6.8p3-1
CAN-2004-1050
NOTE: not-for-us (Microsoft)
@@ -55,7 +57,7 @@
CAN-2004-1038
NOTE: not-for-us (IEEE1394 specification bug, physical security)
CAN-2004-1037
- NOTE: reserved
+ TODO: check
CAN-2004-1036
- squirrelmail 2:1.4.3a-3
CAN-2004-1035
@@ -72,7 +74,7 @@
CAN-2004-1030
- fcron 2.9.5.1-1
CAN-2004-1029
- NOTE: reserved
+ TODO: check
CAN-2004-1028
NOTE: reserved
CAN-2004-1027
@@ -88,7 +90,7 @@
CAN-2004-1022
NOTE: reserved
CAN-2004-1021
- NOTE: reserved
+ TODO: check
CAN-2004-1020
NOTE: reserved
CAN-2004-1019
@@ -100,32 +102,29 @@
CAN-2004-1016
NOTE: reserved
CAN-2004-1015
- NOTE: reserved
+ TODO: check
CAN-2004-1014
NOTE: reserved
CAN-2004-1013
- NOTE: reserved
- NOTE: covered by DSA-597-1
+ {DSA-597-1}
NOTE: see http://security.e-matters.de/advisories/152004.html
- cyrus-imapd 2.1.17-1
CAN-2004-1012
- NOTE: reserved
- NOTE: covered by DSA-597-1
+ {DSA-597-1}
NOTE: see http://security.e-matters.de/advisories/152004.html
- cyrus-imapd 2.1.17-1
CAN-2004-1011
- NOTE: reserved
+ TODO: check
CAN-2004-1010
- zip 2.30-8
CAN-2004-1009
NOTE: reserved
CAN-2004-1008
- NOTE: reserved
+ TODO: check
CAN-2004-1007
- bogofilter 0.92.8-1
CAN-2004-1006
- NOTE: reserved
- NOTE: covered by DSA-584-1
+ {DSA-584-1}
- dhcp 2.0pl5-19.1
CAN-2004-1005
NOTE: reserved
@@ -136,6 +135,7 @@
CAN-2004-1002
- ppp 2.4.2+20040428-3
CAN-2004-1001
+ {DSA-585-1}
- shadow 1:4.0.3-30.3
CAN-2004-1000
NOTE: reserved
@@ -146,32 +146,31 @@
CAN-2004-0997
NOTE: reserved
CAN-2004-0996
- NOTE: reserved
+ TODO: check
CAN-2004-0995
NOTE: reserved
CAN-2004-0994
NOTE: reserved
CAN-2004-0993
NOTE: reserved
- NOTE: covered by DSA-604-1
+ {DSA-604-1}
CAN-2004-0992
- NOTE: reserved
+ TODO: check
CAN-2004-0991
NOTE: reserved
CAN-2004-0990
- NOTE: covered by DSA-589-1
- NOTE: covered by DSA-591-1
+ {DSA-602-1 DSA-601-1 DSA-591-1 DSA-589-1}
- libgd2 2.0.30-1
CAN-2004-0989
- NOTE: covered by DSA-582-1
+ {DSA-582-1}
CAN-2004-0988
NOTE: not-for-us (Apple)
CAN-2004-0987
NOTE: reserved
- NOTE: covered by DSA-598-1
+ {DSA-598-1}
- yardradius 1.0.20-15
CAN-2004-0986
- NOTE: reserved
+ {DSA-580-1}
- iptables 1.2.11-4
CAN-2004-0985
NOTE: not-for-us (windows)
@@ -179,41 +178,43 @@
NOTE: reserved
- mailutils 1:0.5-4
CAN-2004-0983
- NOTE: reserved
+ {DSA-586-1}
- ruby1.8 1.8.1+1.8.2pre2-4
- ruby1.6 1.6.8-12
CAN-2004-0982
- NOTE: reserved
+ {DSA-578-1}
- mpg123 0.59r-17
CAN-2004-0981
- NOTE: reserved
+ {DSA-593-1}
- imagemagick 6:6.0.6.2-1.5
- NOTE: covered by DSA-593-1
CAN-2004-0980
- NOTE: reserved
+ {DSA-592-1}
- ez-ipupdate 3.0.11b8-8
CAN-2004-0979
NOTE: not-for-us (windows)
CAN-2004-0978
NOTE: not-for-us (windows)
CAN-2004-0977
+ {DSA-577-1}
- postgresql 7.4.6-1
CAN-2004-0976
- perl 5.8.4-4
CAN-2004-0975
- - openssl 0.9.7e-1
- NOTE: also includes other security fixes than this CAN
- NOTE: covered by DSA-603-1
+ {DSA-603-1}
+ - openssl 0.9.7e-1
+ NOTE: also includes other security fixes than this CAN
CAN-2004-0974 [local; low]
- netatalk 1.6.4a-1
CAN-2004-0973
NOTE: rejected
CAN-2004-0972
+ {DSA-583-1}
NOTE: lvmcreate_initrd not in debian
CAN-2004-0971
- kbr5 (unfixed; bug #278271; not shipped in binary package)
- arla 0.36.2-11
CAN-2004-0970
+ {DSA-588-1}
NOTE: sarge is not vulnerable as our version uses set -C
CAN-2004-0969
- groff 1.18.1.1-2
@@ -224,15 +225,16 @@
CAN-2004-0966
- gettext 0.14.1-6
CAN-2004-0965
- NOTE: reserved
+ TODO: check
CAN-2004-0964
+ {DSA-587-1}
NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
NOTE: DSA says zinf not vulnerable in sarge
- zinf 2.2.5
CAN-2004-0963
NOTE: not-for-us (windows)
CAN-2004-0962
- NOTE: reserved
+ TODO: check
CAN-2004-0961
- freeradius 1.0.1
CAN-2004-0960
@@ -245,15 +247,16 @@
- mysql-dfsg 3.23.58
- mysql 3.23.58
CAN-2004-0956
+ NOTE: reserved
NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
- NOTE: reserved
CAN-2004-0955
- NOTE: covered by DSA-570-1
+ NOTE: rejected
+ {DSA-571-1 DSA-570-1}
NOTE: dup of CAN-2004-0599
CAN-2004-0954
NOTE: rejected
CAN-2004-0953
- NOTE: reserved
+ TODO: check
CAN-2004-0952
NOTE: reserved
CAN-2004-0951
@@ -261,11 +264,10 @@
CAN-2004-0950
NOTE: not-for-us (NetOp Host)
CAN-2004-0949
- NOTE: reserved
+ TODO: check
CAN-2004-0948
NOTE: reserved
CAN-2004-0947
- NOTE: reserved
NOTE: see http://lwn.net/Alerts/110733/
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-0946
@@ -279,8 +281,9 @@
CAN-2004-0942
- apache2 2.0.52-2
CAN-2004-0941
- NOTE: covered by DSA-602-1, DSA-601-1
+ {DSA-602-1 DSA-601-1}
CAN-2004-0940
+ {DSA-594-1}
- apache 1.3.33-2
CAN-2004-0939
NOTE: not-for-us (Neoteris Instant Virtual Extranet)
@@ -316,7 +319,7 @@
CAN-2004-0924
NOTE: not-for-us (MacOS)
CAN-2004-0923
- NOTE: covered by DSA-566-1
+ {DSA-566-1}
CAN-2004-0922
NOTE: not-for-us (MacOS)
CAN-2004-0921
@@ -326,12 +329,12 @@
CAN-2004-0919
NOTE: reserved
CAN-2004-0918
- NOTE: covered by DSA-576-1
+ {DSA-576-1}
- squid 2.5.7
CAN-2004-0917
NOTE: not-for-us (Vignette Application Portal)
CAN-2004-0916
- NOTE: covered by DSA-574-1
+ {DSA-574-1}
- cabextract 1.1-1
CAN-2004-0915
NOTE: reserved
@@ -339,12 +342,12 @@
NOTE: reserved
CAN-2004-0913
NOTE: reserved
- NOTE: covered by DSA-572-1
+ {DSA-572-1}
- squid 2.5.6-9
CAN-2004-0912
NOTE: reserved
CAN-2004-0911
- NOTE: covered by DSA-556-1
+ {DSA-569-1 DSA-556-1}
CAN-2004-0910
NOTE: rejected
CAN-2004-0909
@@ -396,41 +399,35 @@
CAN-2004-0893
NOTE: reserved
CAN-2004-0892
- NOTE: reserved
+ TODO: check
CAN-2004-0891
- gaim 1.0.2
CAN-2004-0890
NOTE: reserved
CAN-2004-0889
- NOTE: reserved
- NOTE: covered by DSA-573-1
+ {DSA-573-1}
CAN-2004-0888
- NOTE: reserved
- NOTE: covered by DSA-573-1
- NOTE: covered by DSA-599-1
+ {DSA-599-1 DSA-581-1 DSA-573-1}
- koffice 1:1.3.4-1
CAN-2004-0887
- NOTE: reserved
NOTE: waldi provided this info
- linux-kernel-image-2.6.8-s390 2.6.8-3
- kernel-source-2.6.8 2.6.8-10 CAN-2004-0887
CAN-2004-0886
- NOTE: reserved
- NOTE: covered by DSA-567-1
+ {DSA-567-1}
CAN-2004-0885
- apache2 2.0.52-2
CAN-2004-0884
- NOTE: covered by DSA-563-1
+ {DSA-568-1 DSA-563-1}
CAN-2004-0883
- NOTE: reserved
+ TODO: check
CAN-2004-0882
- NOTE: reserved
NOTE: details http://security.e-matters.de/advisories/132004.html
- samba 3.0.7
CAN-2004-0881
- NOTE: covered by DSA-553-1
+ {DSA-553-1}
CAN-2004-0880
- NOTE: covered by DSA-553-1
+ {DSA-553-1}
CAN-2004-0879
NOTE: reserved
CAN-2004-0878
@@ -489,7 +486,7 @@
NOTE: reserved
CAN-2004-0851
NOTE: reserved
- NOTE: covered by DSA-559-1
+ {DSA-559-1}
CAN-2004-0850
- star 1.5a46
CAN-2004-0849
@@ -518,16 +515,15 @@
CAN-2004-0838
NOTE: reserved
CAN-2004-0837
- NOTE: covered by DSA-562-2
+ {DSA-562-2}
CAN-2004-0836
- NOTE: covered by DSA-562-2
+ {DSA-562-2}
CAN-2004-0835
- NOTE: covered by DSA-562-2
+ {DSA-562-2}
CAN-2004-0834
- speedtouch 1.3.1
CAN-2004-0833
- NOTE: reserved
- NOTE: covered by DSA-554-1
+ {DSA-554-1}
CAN-2004-0832
- squid 2.5.6-8
CAN-2004-0831
@@ -539,7 +535,7 @@
CAN-2004-0828
NOTE: not-fos-us (AIX)
CAN-2004-0827
- NOTE: covered by DSA-547-1
+ {DSA-547-1}
- imagemagick 5:6.0.7.1-1
CAN-2004-0826
NOTE: not-for-us (netscape NSS)
@@ -555,20 +551,19 @@
NOTE: not-for-us (Apple)
CAN-2004-0820
NOTE: not-for-us (winamp)
+
CAN-2004-0819
NOTE: not-for-us (openbsd)
-
CAN-2004-0818
+ NOTE: reserved
NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
- NOTE: reserved
CAN-2004-0817
- NOTE: covered by DSA-548-1
+ {DSA-548-1}
CAN-2004-0816
- NOTE: reserved
+ TODO: check
CAN-2004-0815
- NOTE: covered by DSA-600-1
+ {DSA-600-1}
CAN-2004-0814
- NOTE: reserved
- kernel-source-2.6.8 2.6.8-8
- kernel-source-2.4.27 2.4.27-6
NOTE: "fix race conditions in linux terminal subsystem"
@@ -584,9 +579,9 @@
CAN-2004-0811
- apache2 2.0.52
CAN-2004-0810
- NOTE: reserved
+ TODO: check
CAN-2004-0809
- NOTE: covered by DSA-558-1
+ {DSA-558-1}
- apache2 2.0.51-1
CAN-2004-0808
- samba 3.0.7
@@ -595,16 +590,15 @@
CAN-2004-0806
- cdrtools 4:2.0+a34-2
CAN-2004-0805
- NOTE: covered by DSA-564-1
+ {DSA-564-1}
- mpg123 0.59r-16
CAN-2004-0804
+ {DSA-567-1}
NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
- NOTE: covered by DSA-567-1
CAN-2004-0803
- NOTE: reserved
- NOTE: covered by DSA-567-1
+ {DSA-567-1}
CAN-2004-0802
- NOTE: covered by DSA-552-1
+ {DSA-552-1}
CAN-2004-0801
- foomatic-filters 3.0.2
CAN-2004-0800
@@ -620,7 +614,7 @@
CAN-2004-0795
NOTE: not-for-us (IBM DB2 DB2RCMD.EXE)
CAN-2004-0794
- NOTE: covered by DSA-551-1
+ {DSA-551-1}
CAN-2004-0793
- bsdmainutils 6.0.15
CAN-2004-0792
@@ -632,7 +626,7 @@
CAN-2004-0789
NOTE: reserved
CAN-2004-0788
- NOTE: covered by DSA-546-1
+ {DSA-549-1 DSA-546-1}
CAN-2004-0787
NOTE: not-for-us (seems OpenCA is not in Debian)
CAN-2004-0786
@@ -643,11 +637,11 @@
CAN-2004-0784
- gaim 0.82
CAN-2004-0783
- NOTE: covered by DSA-549-1
+ {DSA-549-1}
CAN-2004-0782
- NOTE: covered by DSA-546-1
+ {DSA-549-1 DSA-546-1}
CAN-2004-0781
- NOTE: covered by DSA-541
+ {DSA-541}
CAN-2004-0780
NOTE: reserved
CAN-2004-0779
@@ -667,7 +661,7 @@
CAN-2004-0773
NOTE: reserved
CAN-2004-0772
- NOTE: covered by DSA-543-1
+ {DSA-543-1}
CAN-2004-0771
- lha 1.14i-9
CAN-2004-0770
@@ -675,7 +669,7 @@
CAN-2004-0769
- lha 1.14i-9
CAN-2004-0768
- NOTE: covered by DSA-536
+ {DSA-536}
CAN-2004-0767
NOTE: not-for-us (NGSEC StackDefender)
CAN-2004-0766
@@ -708,12 +702,12 @@
CAN-2004-0756
NOTE: reserved
CAN-2004-0755
- NOTE: covered by DSA-537
+ {DSA-537}
- gaim 1:0.82.1-1
CAN-2004-0754
- gaim 1:0.82.1-1
CAN-2004-0753
- NOTE: covered by DSA-546-1
+ {DSA-546-1}
CAN-2004-0752
- openoffice.org 1.1.2-4
CAN-2004-0751
@@ -721,7 +715,6 @@
CAN-2004-0750
NOTE: not-for-us (Red Hat specific)
CAN-2004-0749
- NOTE: reserved
- subversion 1.0.9-2
CAN-2004-0748
- apache2 2.0.51
@@ -825,7 +818,7 @@
CAN-2004-0701
NOTE: not-for-us (Solaris)
CAN-2004-0700
- NOTE: covered by DSA-532
+ {DSA-532}
CAN-2004-0699
NOTE: not-for-us (Check Point VPN)
CAN-2004-0698
@@ -840,24 +833,24 @@
NOTE: reserved
- lha 1.14i-10
CAN-2004-0693
- NOTE: covered by DSA-542-1
+ {DSA-542-1}
CAN-2004-0692
- NOTE: covered by DSA-542-1
+ {DSA-542-1}
CAN-2004-0691
- NOTE: covered by DSA-542-1
+ {DSA-542-1}
CAN-2004-0690
- kdelibs 4:3.2.3-3.sarge.1
NOTE: in t-p-u, 4.3.3 in unstable is also fixed
CAN-2004-0689
- NOTE: covered by DSA-539
+ {DSA-539}
CAN-2004-0688
- NOTE: covered by DSA-560-1
+ {DSA-561-1 DSA-560-1}
CAN-2004-0687
- NOTE: covered by DSA-560-1
+ {DSA-561-1 DSA-560-1}
CAN-2004-0686
- samba 3.0.5
CAN-2004-0685
- NOTE: reserved
+ TODO: check
CAN-2004-0684
NOTE: not-for-us (WebSphere Edge Server)
CAN-2004-0683
@@ -930,7 +923,7 @@
CAN-2004-0650
NOTE: not-for-us (Cisco)
CAN-2004-0649
- NOTE: covered by DSA-530
+ {DSA-530}
CAN-2004-0648
- mozilla 1.7.1
- mozilla-firefox 0.9.2
@@ -938,21 +931,21 @@
CAN-2004-0647
- shorewall 2.0.3a
CAN-2004-0646
- NOTE: reserved
+ TODO: check
CAN-2004-0645
- NOTE: covered by DSA-550-1
+ {DSA-579-1 DSA-550-1}
CAN-2004-0644
- NOTE: covered by DSA-543-1
+ {DSA-543-1}
CAN-2004-0643
- NOTE: covered by DSA-543-1
+ {DSA-543-1}
CAN-2004-0642
- NOTE: covered by DSA-543-1
+ {DSA-543-1}
CAN-2004-0641
NOTE: reserved
CAN-2004-0640
- NOTE: covered by DSA-529
+ {DSA-529}
CAN-2004-0639
- NOTE: covered by DSA-535
+ {DSA-535}
CAN-2004-0638
NOTE: reserved
CAN-2004-0637
@@ -960,7 +953,7 @@
CAN-2004-0636
NOTE: not-for-us (AOL Instant Messenger)
CAN-2004-0635
- NOTE: covered by DSA-528
+ {DSA-528}
CAN-2004-0634
- ethereal 0.10.5
CAN-2004-0633
@@ -984,6 +977,7 @@
CAN-2004-0624
NOTE: not-for-us (Artmedic links)
CAN-2004-0623
+ {DSA-590-1}
- gnats 4.0-6.1
CAN-2004-0622
NOTE: not-for-us (MacOS)
@@ -1030,27 +1024,27 @@
CAN-2004-0602
NOTE: not-for-us (FreeBSD)
CAN-2004-0601
- NOTE: reserved
+ TODO: check
CAN-2004-0600
- samba 3.0.5
CAN-2004-0599
- NOTE: covered by DSA-536
+ {DSA-536}
CAN-2004-0598
- NOTE: covered by DSA-536
+ {DSA-536}
CAN-2004-0597
- NOTE: covered by DSA-536
+ {DSA-536}
CAN-2004-0596
TODO: fix line below: what version?
CAN-2004-0595
- NOTE: covered by DSA-531
+ {DSA-531}
CAN-2004-0594
- NOTE: covered by DSA-531
+ {DSA-531}
CAN-2004-0593
NOTE: not-for-us (Sygate Enforcer)
CAN-2004-0592
NOTE: reserved
CAN-2004-0591
- NOTE: covered by DSA-533
+ {DSA-533}
CAN-2004-0590
- freeswan 2.04-10
- openswan 2.2.0
@@ -1067,18 +1061,18 @@
CAN-2004-0584
- imp 3.2.4
CAN-2004-0583
- NOTE: covered by DSA-526
+ {DSA-526}
- usermin 1.090-1
- webmin 1.150-1
CAN-2004-0582
- NOTE: covered by DSA-526
+ {DSA-526}
- usermin 1.090-1
CAN-2004-0581
NOTE: not-for-us (Mandrake script)
CAN-2004-0580
NOTE: not-for-us (Linksys routers)
CAN-2004-0579
- NOTE: covered by DSA-522
+ {DSA-522}
CAN-2004-0578
NOTE: not-for-us (Wingate)
CAN-2004-0577
@@ -1109,11 +1103,9 @@
NOTE: ia64 only
NOTE: appears fixed in 2.4.27/2.6.8
CAN-2004-0564
- NOTE: reserved
- NOTE: covered by DSA-557-1
+ {DSA-557-1}
CAN-2004-0563
- NOTE: reserved
- NOTE: covered by DSA-555-1
+ {DSA-555-1}
CAN-2004-0562
NOTE: reserved
CAN-2004-0561
@@ -1121,11 +1113,11 @@
CAN-2004-0560
NOTE: reserved
CAN-2004-0559
- NOTE: covered by DSA-544-1
+ {DSA-544-1}
CAN-2004-0558
- NOTE: covered by DSA-545-1
+ {DSA-545-1}
CAN-2004-0557
- NOTE: covered by DSA-565-1
+ {DSA-565-1}
CAN-2004-0556
NOTE: reserved
CAN-2004-0555
@@ -1145,7 +1137,7 @@
CAN-2004-0548
- aspell 0.50.5-3
CAN-2004-0547
- NOTE: covered by DSA-516
+ {DSA-516}
CAN-2004-0546
NOTE: reserved
CAN-2004-0545
@@ -1193,15 +1185,15 @@
CAN-2004-0524
NOTE: not-for-us (Change_passwd SquirrelMail plugin not present in debian)
CAN-2004-0523
- NOTE: covered by DSA-520
+ {DSA-520}
CAN-2004-0522
- NOTE: covered by DSA-512
+ {DSA-512}
CAN-2004-0521
- NOTE: covered by DSA-535
+ {DSA-535}
CAN-2004-0520
- NOTE: covered by DSA-535
+ {DSA-535}
CAN-2004-0519
- NOTE: covered by DSA-535
+ {DSA-535}
CAN-2004-0518
NOTE: not-for-us (MacOS)
CAN-2004-0517
@@ -1215,11 +1207,11 @@
CAN-2004-0513
NOTE: not-for-us (MacOS)
CAN-2004-0512
- NOTE: reserved
+ TODO: check
CAN-2004-0511
- NOTE: reserved
+ TODO: check
CAN-2004-0510
- NOTE: reserved
+ TODO: check
CAN-2004-0509
NOTE: reserved
CAN-2004-0508
@@ -1255,7 +1247,7 @@
CAN-2004-0493
- apache2 2.0.50-1
CAN-2004-0492
- NOTE: covered by DSA-525
+ {DSA-525}
- apache 1.3.31-2
CAN-2004-0491
NOTE: reserved
@@ -1264,7 +1256,7 @@
CAN-2004-0489
NOTE: not-for-us (MacOS)
CAN-2004-0488
- NOTE: covered by DSA-532
+ {DSA-532}
- apache2 2.0.50-1
CAN-2004-0487
NOTE: not-for-us (Norton)
@@ -1327,28 +1319,28 @@
CAN-2004-0459
NOTE: not-for-us (DOS in 802.11 protocol)
CAN-2004-0458
- NOTE: covered by DSA-503
+ {DSA-503}
- mah-jong 1.6.2-1
CAN-2004-0457
- NOTE: covered by DSA-540
+ {DSA-540}
CAN-2004-0456
- NOTE: covered by DSA-527
+ {DSA-527}
CAN-2004-0455
- NOTE: covered by DSA-523
+ {DSA-523}
CAN-2004-0454
- NOTE: covered by DSA-524
+ {DSA-524}
CAN-2004-0453
- vice 1.14-2
CAN-2004-0452
NOTE: reserved
CAN-2004-0451
- NOTE: covered by DSA-521
+ {DSA-521}
CAN-2004-0450
- NOTE: covered by DSA-513
+ {DSA-513}
CAN-2004-0449
NOTE: reserved
CAN-2004-0448
- NOTE: covered by DSA-510
+ {DSA-510}
CAN-2004-0447
NOTE: fixed in linux 2.4.26
CAN-2004-0446
@@ -1376,7 +1368,7 @@
CAN-2004-0435
NOTE: not-for-us (FreeBSD)
CAN-2004-0434
- NOTE: covered by DSA-504
+ {DSA-504}
CAN-2004-0433
NOTE: mplayer not in Debian
- xine-lib 1-rc4
@@ -1393,7 +1385,7 @@
CAN-2004-0427
NOTE: fixed after 2.6.6/2.4.26 kernel
CAN-2004-0426
- NOTE: covered by DSA-499
+ {DSA-499}
CAN-2004-0425
NOTE: not-for-us (windows)
CAN-2004-0424
@@ -1403,22 +1395,22 @@
NOTE: --enable-logfile is used in ./configure
NOTE: The package doesn't enable that flag so it is safe.
CAN-2004-0422
- NOTE: covered by DSA-500
+ {DSA-500}
CAN-2004-0421
- NOTE: covered by DSA-498
+ {DSA-498}
CAN-2004-0420
NOTE: not-for-us (windows)
CAN-2004-0419
NOTE: reserved (baruch)
CAN-2004-0418
+ {DSA-519}
- cvs 1:1.12.9-1
- NOTE: covered by DSA-519
CAN-2004-0417
+ {DSA-519}
- cvs 1:1.12.9-1
- NOTE: covered by DSA-519
CAN-2004-0416
+ {DSA-519}
- cvs 1:1.12.9-1
- NOTE: covered by DSA-519
CAN-2004-0415
NOTE: fixed in 2.4.27-rc6
CAN-2004-0414
@@ -1428,55 +1420,55 @@
CAN-2004-0412
- mailman 2.1.4-5
CAN-2004-0411
- NOTE: covered by DSA-518
+ {DSA-518}
CAN-2004-0410
NOTE: reserved
NOTE: An empty CAN, never published.
CAN-2004-0409
- NOTE: covered by DSA-493
+ {DSA-493}
- chat 2.0.8-1
CAN-2004-0408
- NOTE: covered by DSA-494
+ {DSA-494}
CAN-2004-0407
NOTE: not-for-us (ColdFusion)
CAN-2004-0406
NOTE: reserved
CAN-2004-0405
- NOTE: covered by DSA-486
+ {DSA-486}
- cvs 1:1.12.5-4
CAN-2004-0404
- NOTE: covered by DSA-488
+ {DSA-488}
CAN-2004-0403
- racoon 0.3.1-3
CAN-2004-0402
- NOTE: covered by DSA-508
+ {DSA-508}
CAN-2004-0401
- libtasn1 0.1.2-2
CAN-2004-0400
- NOTE: covered by DSA-501
+ {DSA-502 DSA-501}
- exim 3.36-11
CAN-2004-0399
- NOTE: covered by DSA-501
+ {DSA-502 DSA-501}
- exim 3.36-11
-CAN-2004-0398
- NOTE: covered by DSA-506
begin claimed by greuff-guest (due 31 Oct)
+CAN-2004-0398
+ {DSA-507 DSA-506}
CAN-2004-0397
- subversion 1.0.3-1
NOTE: fix history: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=249791
CAN-2004-0396
- NOTE: covered by DSA-505
+ {DSA-505}
- cvs 1:1.12.5-6
CAN-2004-0395
- NOTE: covered by DSA-509
+ {DSA-509}
CAN-2004-0394
NOTE: apparently not very exploitable, does not affect 2.6
NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CAN-2004-0394.patch
NOTE: not fixed in 2.4.27 by inspection, didn't bother with a bug
CAN-2004-0393
- NOTE: covered by DSA-524
+ {DSA-524}
CAN-2004-0392
- apache 1.3.31-2
CAN-2004-0391
@@ -1486,7 +1478,7 @@
CAN-2004-0389
NOTE: not-for-us (RealNetworks Helix Universal Server)
CAN-2004-0388
- NOTE: covered by DSA-483
+ {DSA-483}
CAN-2004-0387
NOTE: not-for-us (RealPlayer plugin)
CAN-2004-0386
@@ -1500,7 +1492,7 @@
CAN-2004-0382
NOTE: not-for-us (CUPS printing system in Mac OS X)
CAN-2004-0381
- NOTE: covered by DSA-483
+ {DSA-483}
CAN-2004-0380
NOTE: not-for-us (Microsoft Outlook Express)
CAN-2004-0379
@@ -1510,22 +1502,22 @@
CAN-2004-0377
NOTE: not-for-us (perl; Win32 is affected, UNIX systems not)
CAN-2004-0376
- NOTE: covered by DSA-473
+ {DSA-473}
CAN-2004-0375
NOTE: not-for-us (Symantec Norton Internet Security)
CAN-2004-0374
- NOTE: covered by DSA-471
+ {DSA-471}
CAN-2004-0373
NOTE: reserved
CAN-2004-0372
- NOTE: covered by DSA-477
+ {DSA-477}
CAN-2004-0371
- NOTE: covered by DSA-476
-CAN-2004-0370
- NOTE: not-for-us (KAME)
+ {DSA-476}
end claimed by greuff-guest
+CAN-2004-0370
+ NOTE: not-for-us (KAME)
CAN-2004-0369
NOTE: reserved
CAN-2004-0368
@@ -1533,7 +1525,7 @@
CAN-2004-0367
- ethereal 0.10.3
CAN-2004-0366
- NOTE: covered by DSA-469
+ {DSA-469}
CAN-2004-0365
- ethereal 0.10.3
CAN-2004-0364
@@ -1652,11 +1644,11 @@
NOTE: not-for-us (OWLS 1.0)
CAN-2004-0301
NOTE: not-for-us (Online Store Kit)
-CAN-2004-0300
- NOTE: not-for-us (Online Store Kit)
begin claimed by greuff-guest
+CAN-2004-0300
+ NOTE: not-for-us (Online Store Kit)
CAN-2004-0299
NOTE: not-for-us (smallftpd; not in Debian)
CAN-2004-0298
@@ -1773,15 +1765,15 @@
CAN-2004-0236
NOTE: not-for-us (thePHOTOtool)
CAN-2004-0235
- NOTE: covered by DSA-515
+ {DSA-515}
CAN-2004-0234
- NOTE: covered by DSA-515
+ {DSA-515}
CAN-2004-0233
NOTE: not-for-us (utempter)
CAN-2004-0232
- NOTE: covered by DSA-497
+ {DSA-497}
CAN-2004-0231
- NOTE: covered by DSA-497
+ {DSA-497}
CAN-2004-0230
NOTE: not-for-us (famous TCP RST bug)
CAN-2004-0229
@@ -1791,7 +1783,7 @@
CAN-2004-0227
NOTE: not-for-us (ZoneMinder)
CAN-2004-0226
- NOTE: covered by DSA-497
+ {DSA-497}
CAN-2004-0225
NOTE: reserved
CAN-2004-0224
@@ -1857,32 +1849,32 @@
CAN-2004-0192
NOTE: not-for-us (Symantec Gateway Security)
CAN-2004-0189
- NOTE: covered by DSA-474
+ {DSA-474}
CAN-2004-0188
- NOTE: covered by DSA-461
+ {DSA-461}
CAN-2004-0187
NOTE: rejected
CAN-2004-0186
- NOTE: covered by DSA-463
+ {DSA-463}
CAN-2004-0184
- NOTE: covered by DSA-478
+ {DSA-478}
- tcpdump 3.7.2-4
CAN-2004-0183
- NOTE: covered by DSA-478
+ {DSA-478}
- tcpdump 3.7.2-4
CAN-2004-0182
NOTE: not-for-us (mailman; RedHat specific bug)
CAN-2004-0181
NOTE: fixed in 2.4.26-pre5
CAN-2004-0180
- NOTE: covered by DSA-486
+ {DSA-486}
CAN-2004-0179
- NOTE: covered by DSA-487
+ {DSA-487}
CAN-2004-0178
- NOTE: covered by DSA-479
+ {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
NOTE: fixed in 2.4.26-pre3
CAN-2004-0177
- NOTE: covered by DSA-479
+ {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
NOTE: fixed in 2.4.26-pre4
CAN-2004-0176
- ethereal 0.10.3-1
@@ -1913,29 +1905,29 @@
CAN-2004-0161
NOTE: not-for-us (general MIME bug with security gateways)
CAN-2004-0160
- NOTE: covered by DSA-446
+ {DSA-446}
CAN-2004-0159
- NOTE: covered by DSA-447
+ {DSA-447}
CAN-2004-0158
- NOTE: covered by DSA-445
+ {DSA-445}
CAN-2004-0157
- NOTE: covered by DSA-484
+ {DSA-484}
CAN-2004-0156
- NOTE: covered by DSA-485
+ {DSA-485}
CAN-2004-0155
- racoon 0.2.5-2
CAN-2004-0154
- nfs-utils 1:1.0.5-3
CAN-2004-0153
- NOTE: covered by DSA-468
+ {DSA-468}
CAN-2004-0152
- NOTE: covered by DSA-468
+ {DSA-468}
CAN-2004-0151
- NOTE: covered by DSA-462
+ {DSA-462}
CAN-2004-0150
- NOTE: covered by DSA-458
+ {DSA-458-2 DSA-458}
CAN-2004-0149
- NOTE: covered by DSA-451
+ {DSA-451}
CAN-2004-0147
NOTE: reserved
CAN-2004-0146
@@ -1991,24 +1983,24 @@
CAN-2004-0112
- openssl 0.9.7d-1
CAN-2004-0111
- NOTE: covered by DSA-464
+ {DSA-464}
CAN-2004-0110
- NOTE: covered by DSA-455
+ {DSA-455}
CAN-2004-0109
- NOTE: covered by DSA-479
+ {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
NOTE: fixed in 2.4.26-rc4
CAN-2004-0108
- NOTE: covered by DSA-460
+ {DSA-460}
CAN-2004-0107
- sysstat 5.0.2-1
CAN-2004-0106
- NOTE: covered by DSA-443
+ {DSA-443}
CAN-2004-0105
- NOTE: covered by DSA-449
+ {DSA-449}
CAN-2004-0104
- NOTE: covered by DSA-449
+ {DSA-449}
CAN-2004-0103
- NOTE: covered by DSA-432
+ {DSA-432}
CAN-2004-0102
NOTE: reserved
CAN-2004-0101
@@ -2018,11 +2010,11 @@
CAN-2004-0098
NOTE: reserved
CAN-2004-0097
- NOTE: covered by DSA-448
+ {DSA-448}
CAN-2004-0094
- NOTE: covered by DSA-443
+ {DSA-443}
CAN-2004-0093
- NOTE: covered by DSA-443
+ {DSA-443}
CAN-2004-0092
NOTE: not-for-us (Safari)
CAN-2004-0091
@@ -2038,16 +2030,16 @@
CAN-2004-0085
NOTE: not-for-us (MacOS)
CAN-2004-0084
- NOTE: covered by DSA-443
+ {DSA-443}
CAN-2004-0083
- NOTE: covered by DSA-443
+ {DSA-443}
CAN-2004-0081
- NOTE: covered by DSA-465
+ {DSA-465}
CAN-2004-0079
- NOTE: covered by DSA-465
+ {DSA-465}
- openssl096 0.9.6m-1
CAN-2004-0077
- NOTE: covered by DSA-438
+ {DSA-514 DSA-475 DSA-470 DSA-466 DSA-456 DSA-454 DSA-453 DSA-450 DSA-444 DSA-442 DSA-441 DSA-440 DSA-439 DSA-438}
NOTE: fixed in 2.4.26-pre3
CAN-2004-0076
NOTE: rejected
@@ -2080,11 +2072,11 @@
CAN-2004-0058
NOTE: not-for-us (Antivir)
CAN-2004-0057
- NOTE: covered by DSA-425
+ {DSA-425}
CAN-2004-0056
NOTE: not-for-us (Nortel Networks products)
CAN-2004-0055
- NOTE: covered by DSA-425
+ {DSA-425}
CAN-2004-0054
NOTE: not-for-us (Cisco IOS)
CAN-2004-0053
@@ -2098,7 +2090,7 @@
CAN-2004-0048
NOTE: reserved
CAN-2004-0047
- NOTE: covered by DSA-430
+ {DSA-430}
CAN-2004-0046
NOTE: not-for-us (SnapStream PVS LITE)
CAN-2004-0043
@@ -2108,7 +2100,7 @@
NOTE: can't find any mention of the bug being fixed, but vsftpd doesn't
NOTE: show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html
CAN-2004-0041
- NOTE: covered by DSA-421
+ {DSA-421}
CAN-2004-0039
NOTE: not-for-us (Check Point Firewall)
CAN-2004-0038
@@ -2122,7 +2114,7 @@
CAN-2004-0029
NOTE: not-for-us (Lotus Notes Domino)
CAN-2004-0028
- NOTE: covered by DSA-420
+ {DSA-420}
CAN-2004-0027
NOTE: reserved
CAN-2004-0026
@@ -2144,43 +2136,43 @@
CAN-2004-0018
NOTE: reserved
CAN-2004-0017
- NOTE: covered by DSA-419
+ {DSA-419}
CAN-2004-0016
- NOTE: covered by DSA-419
+ {DSA-419}
CAN-2004-0015
- NOTE: covered by DSA-418
+ {DSA-418}
CAN-2004-0014
- NOTE: covered by DSA-412
+ {DSA-412}
CAN-2004-0013
- NOTE: covered by DSA-414
+ {DSA-414}
CAN-2004-0012
NOTE: reserved
CAN-2004-0011
- NOTE: covered by DSA-416
+ {DSA-416}
CAN-2004-0010
- NOTE: covered by DSA-479
+ {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
NOTE: fixed in 2.4.25-pre7
CAN-2004-0008
- NOTE: covered by DSA-434
+ {DSA-434}
- gaim 1:0.75-2
CAN-2004-0007
- NOTE: covered by DSA-434
+ {DSA-434}
- gaim 1:0.75-2
CAN-2004-0006
- NOTE: covered by DSA-434
+ {DSA-434}
- gaim 1:0.75-2
CAN-2004-0005
- NOTE: covered by DSA-434
+ {DSA-434}
CAN-2004-0003
- NOTE: covered by DSA-479
+ {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
NOTE: fixed in 2.4.26-rc4
-CAN-2004-0002
- NOTE: not-for-us (FreeBSD netinet)
end claimed by greuff-guest
begin claimed by pdwerryh-guest
+CAN-2004-0002
+ NOTE: not-for-us (FreeBSD netinet)
CAN-2003-1565
NOTE: rejected
CAN-2003-1052
@@ -2230,7 +2222,7 @@
CAN-2003-1030
NOTE: not-for-us (Dameware)
CAN-2003-1029
- NOTE: covered by DSA-425
+ {DSA-425}
CAN-2003-1028
NOTE: not-for-us (microsoft)
CAN-2003-1027
@@ -2242,9 +2234,9 @@
CAN-2003-1024
NOTE: not-for-us (solaris)
CAN-2003-1023
- NOTE: covered by DSA-424
+ {DSA-424}
CAN-2003-1022,
- NOTE: covered by DSA-416
+ {DSA-416}
CAN-2003-1021
NOTE: reserved
CAN-2003-1020
@@ -2281,11 +2273,11 @@
NOTE: not-for-us (Apple)
CAN-2003-1005
NOTE: reserved
-CAN-2003-1004
- NOTE: not-for-us (Cisco)
end claimed by pdwerryh-guest
+CAN-2003-1004
+ NOTE: not-for-us (Cisco)
CAN-2003-1003
NOTE: not-for-us (Cisco)
CAN-2003-1002
@@ -2310,14 +2302,14 @@
NOTE: http://www.securityfocus.com/archive/1/348366
NOTE: possible problemsm before 1.4.2, 1.4.2 ok
CAN-2003-0989
- NOTE: covered by DSA-425
+ {DSA-425}
- tcpdump 3.8.1
CAN-2003-0987
- apache 1.3.29.0.2-5
CAN-2003-0986
NOTE: reserved
CAN-2003-0985
- NOTE: covered by DSA-413
+ {DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-427 DSA-423 DSA-417 DSA-413}
NOTE: fixed in 2.4.24-rc1
CAN-2003-0984
NOTE: fixed in 2.4.24-rc1
@@ -2342,31 +2334,31 @@
CAN-2003-0974
NOTE: not-for-us (Applied Watch Command Center)
CAN-2003-0973
- NOTE: covered by DSA-452
+ {DSA-452}
CAN-2003-0972
- NOTE: covered by DSA-408
+ {DSA-408}
- screen 4.0.2-0.1
CAN-2003-0971
- NOTE: covered by DSA-429
+ {DSA-429}
CAN-2003-0970
NOTE: not-for-us (Sun Fire B1600)
CAN-2003-0969
- NOTE: covered by DSA-411
+ {DSA-411}
CAN-2003-0968
NOTE: freeradius module in question is not built in debian package
NOTE: buffer overflow apparently fixed in freeradius 1.0.1
CAN-2003-0967
- freeradius 0.9.2-4
CAN-2003-0965
- NOTE: covered by DSA-436
+ {DSA-436}
CAN-2003-0964
NOTE: rejected
CAN-2003-0963
- lftp 2.6.10
CAN-2003-0962
- NOTE: covered by DSA-404
+ {DSA-404}
CAN-2003-0961
- NOTE: covered by DSA-403
+ {DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-433 DSA-423 DSA-417 DSA-403}
NOTE: do_brk hole
NOTE: fixed in 2.4.23-pre7
CAN-2003-0960
@@ -2392,7 +2384,7 @@
CAN-2003-0950
NOTE: not-for-us (PeopleSoft PeopleTools)
CAN-2003-0949
- NOTE: covered by DSA-405
+ {DSA-405}
CAN-2003-0948
NOTE: not vulnerable, iwconfig not setuid/setgid in Debian.
CAN-2003-0947
@@ -2424,9 +2416,9 @@
CAN-2003-0934
NOTE: not-for-us (Symbol Access Portable Data Terminal)
CAN-2003-0933
- NOTE: covered by DSA-398
+ {DSA-398}
CAN-2003-0932
- NOTE: covered by DSA-400
+ {DSA-400}
CAN-2003-0931
NOTE: not-for-us (Sygate Enforcer)
CAN-2003-0930
@@ -2442,7 +2434,7 @@
CAN-2003-0925
- ethereal 0.9.16-0.1
CAN-2003-0924
- NOTE: covered by DSA-426
+ {DSA-426}
CAN-2003-0923
NOTE: reserved
CAN-2003-0922
@@ -2462,7 +2454,7 @@
CAN-2003-0915
NOTE: reserved
CAN-2003-0914
- NOTE: covered by DSA-409
+ {DSA-409}
CAN-2003-0913
NOTE: not-for-us (MacOS)
CAN-2003-0912
@@ -2482,16 +2474,16 @@
CAN-2003-0904
NOTE: not-for-us (Windows)
CAN-2003-0902
- NOTE: covered by DSA-402
+ {DSA-402}
CAN-2003-0901
- NOTE: covered by DSA-397
-CAN-2003-0900
- NOTE: reserved
+ {DSA-397}
begin claimed by pdwerryh-guest
+CAN-2003-0900
+ NOTE: reserved
CAN-2003-0899
- NOTE: covered by DSA-396
+ {DSA-396}
CAN-2003-0898
NOTE: not-for-us (IBM DB2)
CAN-2003-0897
@@ -2517,7 +2509,7 @@
CAN-2003-0887
NOTE: reserved
CAN-2003-0886
- NOTE: covered by DSA-401
+ {DSA-401}
CAN-2003-0885
NOTE: reserved
CAN-2003-0884
@@ -2561,9 +2553,9 @@
CAN-2003-0867
NOTE: rejected
CAN-2003-0866
- NOTE: covered by DSA-395
+ {DSA-395}
CAN-2003-0865
- NOTE: covered by DSA-435
+ {DSA-435}
- mpg123 0.59r-15
CAN-2003-0864
- ircd-irc2 2.10.3p5-1
@@ -2580,11 +2572,11 @@
CAN-2003-0859
NOTE: affects glibc 2.2.4, Debian uses 2.3.2
CAN-2003-0858
- NOTE: covered by DSA-415
+ {DSA-415}
CAN-2003-0857
NOTE: reserved
CAN-2003-0856
- NOTE: covered by DSA-492
+ {DSA-492}
- iproute 20010824-13.1
CAN-2003-0855
- pan 0.13.4-1
@@ -2597,12 +2589,12 @@
CAN-2003-0851
NOTE: affects openssl 0.9.6. Testing uses 0.9.7.
CAN-2003-0850
- NOTE: covered by DSA-410
+ {DSA-410}
- libnids1 1.18-1
CAN-2003-0849
- cfengine2 2.0.9+2.1.0b3-1
CAN-2003-0848
- NOTE: covered by DSA-428
+ {DSA-428}
- slocate 2.7-3
CAN-2003-0847
NOTE: not-for-us (SuSE)
@@ -2636,20 +2628,20 @@
CAN-2003-0834
NOTE: not-for-us (CDE)
CAN-2003-0833
- NOTE: covered by DSA-392
+ {DSA-392}
- webfs 1.20
CAN-2003-0832
- NOTE: covered by DSA-392
+ {DSA-392}
- webfs 1.20
CAN-2003-0831
- proftpd 1.2.9-1
CAN-2003-0830
- NOTE: covered by DSA-390
+ {DSA-390}
NOTE: marbles package not in testing or unstable
CAN-2003-0829
NOTE: reserved
CAN-2003-0828
- NOTE: covered by DSA-391
+ {DSA-391}
- freesweep 0.88-4.1
CAN-2003-0827
NOTE: not-for-us (IBM DB2)
@@ -2694,7 +2686,7 @@
CAN-2003-0806
NOTE: not-for-us (microsoft)
CAN-2003-0805
- NOTE: covered by DSA-387
+ {DSA-387}
NOTE: gopherd not in testing or unstable (deprecated)
CAN-2003-0804
NOTE: not-for-us (BSD)
@@ -2704,11 +2696,11 @@
NOTE: not-for-us (Nokia)
CAN-2003-0801
NOTE: not-for-us (Nokia)
-CAN-2003-0800
- NOTE: reserved
end claimed by pdwerryh-guest
+CAN-2003-0800
+ NOTE: reserved
CAN-2003-0799
NOTE: reserved
CAN-2003-0798
@@ -2718,7 +2710,7 @@
CAN-2003-0796
NOTE: not-for-us (SGI IRIX)
CAN-2003-0795
- NOTE: covered by DSA-415
+ {DSA-415}
CAN-2003-0794
- gdm 2.4.4.4
CAN-2003-0793
@@ -2738,31 +2730,31 @@
CAN-2003-0786
-ssh 1:3.7.1p2
CAN-2003-0785
- NOTE: covered by DSA-389
+ {DSA-389}
CAN-2003-0784
NOTE: not-for-us (IBM TSM)
CAN-2003-0783
- NOTE: covered by DSA-385
+ {DSA-385}
CAN-2003-0782
- NOTE: covered by DSA-467
+ {DSA-467}
CAN-2003-0781
- NOTE: covered by DSA-467
+ {DSA-467}
CAN-2003-0780
- NOTE: covered by DSA-381
+ {DSA-381}
CAN-2003-0779
- asterisk 0.7.0
CAN-2003-0778
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0777
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0776
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0775
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0774
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0773
- NOTE: covered by DSA-379
+ {DSA-379}
CAN-2003-0772
NOTE: not-for-us (WS_FTP server)
CAN-2003-0771
@@ -2822,7 +2814,7 @@
CAN-2003-0744
- leafnode 1.9.42
CAN-2003-0743
- NOTE: covered by DSA-376
+ {DSA-376}
CAN-2003-0742
NOTE: not-for-us (SCO)
CAN-2003-0741
@@ -2850,7 +2842,7 @@
CAN-2003-0731
NOTE: not-for-us (cisco)
CAN-2003-0730
- NOTE: covered by DSA-380
+ {DSA-380}
CAN-2003-0729
NOTE: not-for-us (tellurian tftpdNT)
CAN-2003-0728
@@ -2896,13 +2888,13 @@
CAN-2003-0709
- whois 4.6.7
CAN-2003-0708
- NOTE: covered by DSA-375
+ {DSA-375}
CAN-2003-0707
- NOTE: covered by DSA-375
+ {DSA-375}
CAN-2003-0706
- NOTE: covered by DSA-378
+ {DSA-378}
CAN-2003-0705
- NOTE: covered by DSA-378
+ {DSA-378}
CAN-2003-0704
NOTE: not-for-us (KisMAC for Mac OS X)
CAN-2003-0703
@@ -2923,21 +2915,18 @@
CAN-2003-0696
NOTE: not-for-us (AIX)
CAN-2003-0695
- NOTE: covered by DSA-382
- NOTE: covered by DSA-383
+ {DSA-383 DSA-382}
CAN-2003-0694
- NOTE: covered by DSA-384
+ {DSA-384}
CAN-2003-0693
- NOTE: covered by DSA-382
- NOTE: covered by DSA-383
+ {DSA-383 DSA-382}
- openssh 1:3.6.1p2-6.0
CAN-2003-0692
- NOTE: covered by DSA-388
+ {DSA-388}
CAN-2003-0691
NOTE: reserved
CAN-2003-0690
- NOTE: covered by DSA-388
- NOTE: covered by DSA-443
+ {DSA-443 DSA-388}
CAN-2003-0689
- libc6 2.2.5
CAN-2003-0688
@@ -2945,19 +2934,18 @@
CAN-2003-0687
NOTE: rejected
CAN-2003-0686
- NOTE: covered by DSA-374
+ {DSA-374}
CAN-2003-0685
- NOTE: covered by DSA-372
+ {DSA-372}
CAN-2003-0684
NOTE: reserved
CAN-2003-0683
NOTE: not-for-us (SGI)
CAN-2003-0682
- NOTE: covered by DSA-382
- NOTE: covered by DSA-383
+ {DSA-383 DSA-382}
- openssh 1:3.6.1p2-9
CAN-2003-0681
- NOTE: covered by DSA-384
+ {DSA-384}
CAN-2003-0680
NOTE: not-for-us (SGI IRIX)
CAN-2003-0679
@@ -2969,7 +2957,7 @@
CAN-2003-0676
NOTE: not-for-us (Sun iPlanet)
CAN-2003-0672
- NOTE: covered by DSA-370
+ {DSA-370}
CAN-2003-0671
NOTE: not-for-us (sustworks IPNetSentryX)
CAN-2003-0670
@@ -2999,36 +2987,36 @@
CAN-2003-0658
NOTE: not-for-us (docview / caldera)
CAN-2003-0657
- NOTE: covered by DSA-365
+ {DSA-365}
CAN-2003-0656
- NOTE: covered by DSA-366
+ {DSA-366}
CAN-2003-0655
- cdrecord 4:2.0+a18-1
CAN-2003-0654
- NOTE: covered by DSA-373
+ {DSA-373}
CAN-2003-0653
NOTE: not-for-us (NetBSD)
CAN-2003-0652
- NOTE: covered by DSA-367
+ {DSA-367}
CAN-2003-0651
NOTE: not-for-us (mod_mylo for apache) not in debian
CAN-2003-0650
NOTE: not-for-us (gamespy)
CAN-2003-0649
- NOTE: covered by DSA-368
+ {DSA-368}
CAN-2003-0648
- NOTE: covered by DSA-472
+ {DSA-472}
CAN-2003-0647
NOTE: not-for-us (Cisco)
CAN-2003-0646
NOTE: not-for-us (ActiveX)
CAN-2003-0645
- NOTE: covered by DSA-364
+ {DSA-364}
CAN-2003-0644
NOTE: reserved
CAN-2003-0643
NOTE: reserved
- NOTE: covered by DSA-358
+ {DSA-358}
NOTE: fixed in 2.4.22-pre10 (Introduced in 2.4.3-pre3)
CAN-2003-0642
NOTE: not-for-us (Watchguard / win)
@@ -3055,7 +3043,7 @@
CAN-2003-0631
NOTE: not-for-us (VMware)
CAN-2003-0630
- NOTE: covered by DSA-359
+ {DSA-359}
CAN-2003-0629
NOTE: not-for-us (peoplesoft)
CAN-2003-0628
@@ -3065,7 +3053,7 @@
CAN-2003-0626
NOTE: reserved
CAN-2003-0625
- NOTE: covered by DSA-360
+ {DSA-360}
CAN-2003-0624
NOTE: not-for-us (BEA WebLogic)
CAN-2003-0623
@@ -3075,26 +3063,26 @@
CAN-2003-0621
NOTE: not-for-us (BEA Tuxedo)
CAN-2003-0620
- NOTE: covered by DSA-364
+ {DSA-364}
CAN-2003-0619
- NOTE: covered by DSA-358
+ {DSA-358}
NOTE: fixed in 2.4.21-pre3
CAN-2003-0618
- NOTE: covered by DSA-431
+ {DSA-431}
CAN-2003-0617
- NOTE: covered by DSA-362
+ {DSA-362}
CAN-2003-0616
NOTE: not-for-us (McAfee)
CAN-2003-0615
- NOTE: covered by DSA-371
+ {DSA-371}
CAN-2003-0614
- NOTE: covered by DSA-355
+ {DSA-355}
CAN-2003-0613
- NOTE: covered by DSA-369
+ {DSA-369}
CAN-2003-0612
- crafty 19.3-1
CAN-2003-0611
- NOTE: covered by DSA-356
+ {DSA-356}
CAN-2003-0610
NOTE: not-for-us (McAfee)
CAN-2003-0609
@@ -3102,9 +3090,9 @@
CAN-2003-0608
NOTE: reserved
CAN-2003-0607
- NOTE: covered by DSA-354
+ {DSA-354}
CAN-2003-0606
- NOTE: covered by DSA-353
+ {DSA-353}
- sup 1.8-9
CAN-2003-0605
NOTE: not-for-us (Microsoft)
@@ -3121,12 +3109,13 @@
CAN-2003-0600
NOTE: reserved
CAN-2003-0599
- NOTE: covered by DSA-365
+ {DSA-365}
CAN-2003-0598
NOTE: rejected
CAN-2003-0597
NOTE: not-for-us (Unixware)
CAN-2003-0596
+ {DSA-352}
- fdclone 2.02a
CAN-2003-0595
NOTE: not-for-us (WiTango Application Server and Tango 2000)
@@ -3136,7 +3125,7 @@
CAN-2003-0593
NOTE: not-for-us (opera)
CAN-2003-0592
- NOTE: covered by DSA-459
+ {DSA-459}
CAN-2003-0591
NOTE: rejected
CAN-2003-0590
@@ -3158,7 +3147,7 @@
CAN-2003-0582
NOTE: rejected
CAN-2003-0581
- NOTE: covered by DSA-360
+ {DSA-360}
CAN-2003-0580
NOTE: not-for-us (IBM U2 UniVerse)
CAN-2003-0579
@@ -3220,13 +3209,13 @@
CAN-2003-0553
NOTE: not-for-us (Netscape)
CAN-2003-0552
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
NOTE: fixed in 2.4.22-pre3
CAN-2003-0551
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
NOTE: fixed in 2.4.22-pre3
CAN-2003-0550
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
NOTE: fixed in 2.4.22-pre3
CAN-2003-0549
- gdm 2.4.1.5
@@ -3237,11 +3226,11 @@
CAN-2003-0546
NOTE: not-for-us (up2date)
CAN-2003-0545
- NOTE: covered by DSA-393
+ {DSA-394 DSA-393}
CAN-2003-0544
- NOTE: covered by DSA-393
+ {DSA-394 DSA-393}
CAN-2003-0543
- NOTE: covered by DSA-393
+ {DSA-394 DSA-393}
CAN-2003-0542
- apache2 2.0.48
- apache 1.3.29
@@ -3249,17 +3238,17 @@
NOTE: does not affect evolution on debian
- gtkhtml 1.0.4-6.2
CAN-2003-0540
- NOTE: covered by DSA-363
+ {DSA-363}
CAN-2003-0539
- NOTE: covered by DSA-343
+ {DSA-343}
CAN-2003-0538
- NOTE: covered by DSA-342
+ {DSA-342}
CAN-2003-0537
- NOTE: covered by DSA-341
+ {DSA-341}
CAN-2003-0536
- NOTE: covered by DSA-346
+ {DSA-346}
CAN-2003-0535
- NOTE: covered by DSA-345
+ {DSA-345}
CAN-2003-0534
NOTE: reserved
CAN-2003-0533
@@ -3299,7 +3288,7 @@
CAN-2003-0516
- mgetty 1.1.29
CAN-2003-0515
- NOTE: covered by DSA-347
+ {DSA-347}
CAN-2003-0514
NOTE: not-for-us (Safari)
CAN-2003-0513
@@ -3321,18 +3310,18 @@
CAN-2003-0505
NOTE: not-for-us (Microsoft)
CAN-2003-0504
- NOTE: covered by DSA-365
+ {DSA-365}
CAN-2003-0503
NOTE: not-for-us (Microsoft)
CAN-2003-0502
NOTE: not-for-us (Apple Quicktime)
CAN-2003-0501
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
NOTE: fixed in 2.4.22-pre10
CAN-2003-0500
- NOTE: covered by DSA-338
+ {DSA-338}
CAN-2003-0499
- NOTE: covered by DSA-335
+ {DSA-335}
CAN-2003-0498
NOTE: not-for-us (Intersystems Cache database)
CAN-2003-0497
@@ -3352,7 +3341,7 @@
CAN-2003-0490
NOTE: not-for-us (Dantz Retrospect)
CAN-2003-0489
- NOTE: covered by DSA-330
+ {DSA-330}
CAN-2003-0488
NOTE: not-for-us (Kerio Mail server)
CAN-2003-0487
@@ -3378,7 +3367,7 @@
CAN-2003-0477
- wzdftpd 0.2
CAN-2003-0476
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
NOTE: fixed in 2.4.22-pre4
CAN-2003-0475
NOTE: not-for-us (iWeb server)
@@ -3395,11 +3384,11 @@
CAN-2003-0469
NOTE: not-for-us (microsoft)
CAN-2003-0468
- NOTE: covered by DSA-363
+ {DSA-363}
CAN-2003-0467
NOTE: fixed in linux 2.4.21
CAN-2003-0466
- NOTE: covered by DSA-357
+ TODO: check
CAN-2003-0465 strncpy in kernel does not pad with zeroes
- kernel-source-2.4.27 (unfixed; bug #280492)
NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
@@ -3411,13 +3400,13 @@
CAN-2003-0463
NOTE: reserved
CAN-2003-0462
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
CAN-2003-0461
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
CAN-2003-0460
NOTE: not-for-us (apache for win and os/2)
CAN-2003-0459
- NOTE: covered by DSA-361
+ {DSA-361}
CAN-2003-0458
NOTE: not-for-us (HP)
CAN-2003-0457
@@ -3426,17 +3415,17 @@
CAN-2003-0456
NOTE: not-for-us (visnetic website)
CAN-2003-0455
- NOTE: covered by DSA-331
+ {DSA-331}
CAN-2003-0454
- NOTE: covered by DSA-334
+ {DSA-334}
CAN-2003-0453
- NOTE: covered by DSA-348
+ {DSA-348}
CAN-2003-0452
- NOTE: covered by DSA-329
+ {DSA-329}
CAN-2003-0451
- NOTE: covered by DSA-327
+ {DSA-327}
CAN-2003-0450
- NOTE: covered by DSA-321
+ {DSA-321}
CAN-2003-0449
NOTE: not-for-us (progress database)
CAN-2003-0448
@@ -3446,46 +3435,46 @@
CAN-2003-0446
NOTE: not-for-us (microsoft)
CAN-2003-0445
- NOTE: covered by DSA-328
+ {DSA-328}
CAN-2003-0444
- NOTE: covered by DSA-337
+ {DSA-337}
CAN-2003-0443
NOTE: reserved
CAN-2003-0442
- NOTE: covered by DSA-351
+ {DSA-351}
CAN-2003-0441
- NOTE: covered by DSA-326
+ {DSA-326}
CAN-2003-0440
- NOTE: covered by DSA-339
+ {DSA-339}
CAN-2003-0439
NOTE: reserved
CAN-2003-0438
- NOTE: covered by DSA-325
+ {DSA-325}
CAN-2003-0437
- mnogosearch-common 3.2.11
CAN-2003-0436
- mnogosearch-common 3.2.11
CAN-2003-0435
- NOTE: covered by DSA-322
+ {DSA-322}
CAN-2003-0434
NOTE: various pdf viewers
NOTE: kpdf does not seem to support hyperlinks; so not vulnerable
NOTE: gpdf 2.8.0 does not seem to be vulnerable
- xpdf 2.02pl1-1
CAN-2003-0433
- NOTE: covered by DSA-315
+ {DSA-315}
CAN-2003-0432
- NOTE: covered by DSA-324
+ {DSA-324}
CAN-2003-0431
- NOTE: covered by DSA-324
+ {DSA-324}
CAN-2003-0430
- ethereal 0.9.13
CAN-2003-0429
- NOTE: covered by DSA-324
+ {DSA-324}
CAN-2003-0428
- NOTE: covered by DSA-324
+ {DSA-324}
CAN-2003-0427
- NOTE: covered by DSA-320
+ {DSA-320}
CAN-2003-0426
NOTE: not-for-us (Apple)
CAN-2003-0425
@@ -3570,16 +3559,16 @@
CAN-2003-0386
NOTE: fixed in current openssh, which always does reverse mapping now
CAN-2003-0385
- NOTE: covered by DSA-310
+ {DSA-310}
- xaos 3.1r-4
CAN-2003-0384
NOTE: reserved
CAN-2003-0382
- NOTE: covered by DSA-309
+ {DSA-309}
CAN-2003-0381
- NOTE: covered by DSA-323
+ {DSA-323}
CAN-2003-0380
- NOTE: covered by DSA-314
+ {DSA-314}
CAN-2003-0379
NOTE: not-for-us (MaxOS)
CAN-2003-0378
@@ -3599,35 +3588,35 @@
CAN-2003-0371
NOTE: not-for-us (Prishtina FTP client)
CAN-2003-0370
- NOTE: covered by DSA-361
+ {DSA-361}
CAN-2003-0369
NOTE: reserved
CAN-2003-0368
NOTE: not-for-us (Nokia Gateway GPRS)
CAN-2003-0367
- NOTE: covered by DSA-308
+ {DSA-308}
CAN-2003-0366
- NOTE: covered by DSA-318
+ {DSA-318}
CAN-2003-0365
NOTE: not-for-us (ICQLite)
CAN-2003-0364
- NOTE: covered by DSA-336
+ {DSA-442 DSA-336 DSA-332 DSA-311}
CAN-2003-0363
NOTE: reserved
CAN-2003-0362
- NOTE: covered by DSA-307
+ {DSA-307}
CAN-2003-0361
- NOTE: covered by DSA-307
+ {DSA-307}
CAN-2003-0360
- NOTE: covered by DSA-307
+ {DSA-307}
CAN-2003-0359
- NOTE: covered by DSA-316
+ {DSA-316}
CAN-2003-0358
- NOTE: covered by DSA-316
+ {DSA-350 DSA-316}
CAN-2003-0357
- NOTE: covered by DSA-313
+ {DSA-313}
CAN-2003-0356
- NOTE: covered by DSA-313
+ {DSA-313}
CAN-2003-0355
NOTE: not-for-us (Safari)
CAN-2003-0354
@@ -3683,7 +3672,7 @@
CAN-2003-0329
NOTE: not-for-us (CesarFTP)
CAN-2003-0328
- NOTE: covered by DSA-306
+ {DSA-399 DSA-306}
CAN-2003-0327
NOTE: not-for-us (Sybase Adaptive Server Enterprise)
CAN-2003-0326
@@ -3695,13 +3684,13 @@
CAN-2003-0325
NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
CAN-2003-0324
- NOTE: covered by DSA-287
+ {DSA-287}
CAN-2003-0323
- NOTE: covered by DSA-291
+ {DSA-298 DSA-291}
CAN-2003-0322
- NOTE: covered by DSA-306
+ {DSA-306}
CAN-2003-0320
- NOTE: covered by DSA-306
+ TODO: check
CAN-2003-0320
NOTE: not-for-us (ttCMS)
CAN-2003-0319
@@ -3729,7 +3718,7 @@
CAN-2003-0309
NOTE: not-for-us (MSIE)
CAN-2003-0308
- NOTE: covered by DSA-305
+ {DSA-305}
CAN-2003-0307
NOTE: not-for-us (Poster version.two)
CAN-2003-0306
@@ -3784,7 +3773,7 @@
CAN-2003-0283
NOTE: not-for-us (Phorum)
CAN-2003-0282
- NOTE: covered by DSA-344
+ {DSA-344}
CAN-2003-0281
- firebird2 1.5.1-1
NOTE: firebird (1) in debian is very insecure and vulnerable, but
@@ -3826,9 +3815,9 @@
CAN-2003-0263
NOTE: not-for-us (FTGatePro)
CAN-2003-0262
- NOTE: covered by DSA-299
+ {DSA-299}
CAN-2003-0261
- NOTE: covered by DSA-302
+ {DSA-302}
CAN-2003-0260
NOTE: not-for-us (Cisco)
CAN-2003-0259
@@ -3846,7 +3835,7 @@
CAN-2003-0253
- apache2 2.0.47
CAN-2003-0252
- NOTE: covered by DSA-349
+ {DSA-349}
CAN-2003-0251
NOTE: actually, we need ypserv 2.7, nis 3.11 has ypserv 2.13
- nis 3.11
@@ -3855,15 +3844,15 @@
CAN-2003-0249
NOTE: reserved
CAN-2003-0248
- NOTE: covered by DSA-336
+ {DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
CAN-2003-0247
- NOTE: covered by DSA-336
+ {DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
CAN-2003-0246
- NOTE: covered by DSA-336
+ {DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
CAN-2003-0245
- apache2 2.0.46
CAN-2003-0244
- NOTE: covered by DSA-336
+ {DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
CAN-2003-0243
NOTE: not-for-us (Happycgi.com Happymall)
CAN-2003-0242
@@ -3923,33 +3912,33 @@
CAN-2003-0215
NOTE: not-for-us (bttlxeForum / win)
CAN-2003-0214
- NOTE: covered by DSA-292
+ {DSA-292}
CAN-2003-0213
- NOTE: covered by DSA-295
+ {DSA-295}
CAN-2003-0212
- NOTE: covered by DSA-289
+ {DSA-289}
CAN-2003-0211
- xinetd 2.3.11
CAN-2003-0210
NOTE: not-for-us (cisco)
CAN-2003-0209
- NOTE: covered by DSA-297
+ {DSA-297}
CAN-2003-0208
NOTE: not-for-us (macromedia flash)
CAN-2003-0207
- NOTE: covered by DSA-286
+ {DSA-286}
CAN-2003-0206
- NOTE: covered by DSA-294
+ {DSA-294}
CAN-2003-0205
- NOTE: covered by DSA-294
+ {DSA-294}
CAN-2003-0204
- NOTE: covered by DSA-284
+ {DSA-296 DSA-293 DSA-284}
CAN-2003-0203
- NOTE: covered by DSA-281
+ {DSA-281}
CAN-2003-0202
- NOTE: covered by DSA-279
+ {DSA-279}
CAN-2003-0201
- NOTE: covered by DSA-280
+ {DSA-280}
CAN-2003-0200
NOTE: reserved
CAN-2003-0199
@@ -3959,13 +3948,13 @@
CAN-2003-0197
NOTE: not-for-us (Interbase Database)
CAN-2003-0196
- NOTE: covered by DSA-280
+ {DSA-280}
CAN-2003-0195
- NOTE: covered by DSA-317
+ {DSA-317}
CAN-2003-0194
NOTE: apparently a redhat specific compilation prolem of tcpdump
CAN-2003-0193
- NOTE: covered by DSA-576-1
+ {DSA-575-1}
- catdoc 0.91.5-2
CAN-2003-0192
- apache2 2.0.47
@@ -3974,7 +3963,7 @@
CAN-2003-0189
- apache2 2.0.46
CAN-2003-0188
- NOTE: covered by DSA-304
+ {DSA-304}
CAN-2003-0187
NOTE: only affects kernel 2.4.19, 2.4.20.
CAN-2003-0186
@@ -4004,7 +3993,7 @@
CAN-2003-0174
NOTE: not-for-us (IRIX)
CAN-2003-0173
- NOTE: covered by DSA-283
+ {DSA-283}
CAN-2003-0172
NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
CAN-2003-0171
@@ -4016,7 +4005,7 @@
CAN-2003-0168
NOTE: not-for-us (Apple QuickTime Player)
CAN-2003-0167
- NOTE: covered by DSA-274
+ {DSA-300 DSA-274}
CAN-2003-0166
NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
CAN-2003-0165
@@ -4026,9 +4015,9 @@
CAN-2003-0163
NOTE: Gaim-Encryption Plugin not in debian
CAN-2003-0162
- NOTE: covered by DSA-271
+ {DSA-271}
CAN-2003-0161
- NOTE: covered by DSA-278
+ {DSA-290 DSA-278}
CAN-2003-0160
- squirrelmail 1:1.2.11
CAN-2003-0159
@@ -4038,47 +4027,47 @@
CAN-2003-0157
NOTE: rejected
CAN-2003-0156
- NOTE: covered by DSA-264
+ {DSA-264}
CAN-2003-0155
- NOTE: covered by DSA-265
+ {DSA-265}
CAN-2003-0154
- NOTE: covered by DSA-265
+ {DSA-265}
CAN-2003-0153
- NOTE: covered by DSA-265
+ {DSA-265}
CAN-2003-0152
- NOTE: covered by DSA-265
+ {DSA-265}
CAN-2003-0151
NOTE: not-for-us (BEA WebLogic Server)
CAN-2003-0150
- NOTE: covered by DSA-303
+ {DSA-303}
CAN-2003-0149
NOTE: not-for-us (McAfee ePolicy Orchestrator)
CAN-2003-0148
NOTE: not-for-us (McAfee ePolicy Orchestrator)
CAN-2003-0147
- NOTE: covered by DSA-288
+ {DSA-288}
CAN-2003-0146
- NOTE: covered by DSA-263
+ {DSA-263}
CAN-2003-0145
- NOTE: covered by DSA-261
+ {DSA-261}
CAN-2003-0144
- NOTE: covered by DSA-267
+ {DSA-275 DSA-267}
CAN-2003-0143
- NOTE: covered by DSA-259
+ {DSA-259}
CAN-2003-0142
NOTE: not-for-us (acroread)
CAN-2003-0141
NOTE: not-for-us (Real)
CAN-2003-0140
- NOTE: covered by DSA-268
+ {DSA-268}
CAN-2003-0139
- NOTE: covered by DSA-266
+ {DSA-273 DSA-266}
CAN-2003-0138
- NOTE: covered by DSA-266
+ {DSA-273 DSA-269 DSA-266}
CAN-2003-0137
NOTE: not-for-us (Nokia Serving GPRS support node)
CAN-2003-0136
- NOTE: covered by DSA-285
+ {DSA-285}
CAN-2003-0135
NOTE: red-hat specific compilation problem of vsftpd
CAN-2003-0134
@@ -4088,7 +4077,7 @@
CAN-2003-0132
- apache2 2.0.45
CAN-2003-0131
- NOTE: covered by DSA-288
+ {DSA-288}
CAN-2003-0130
- evolution 1.2.3
CAN-2003-0129
@@ -4096,13 +4085,13 @@
CAN-2003-0128
- evolution 1.2.3
CAN-2003-0127
- NOTE: covered by DSA-270
+ {DSA-495 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311 DSA-276 DSA-270}
CAN-2003-0126
NOTE: not-for-us (SOHO Routefinder 550 firmware)
CAN-2003-0121
NOTE: not-for-us (Clearswift MAILsweeper)
CAN-2003-0120
- NOTE: covered by DSA-256
+ {DSA-256}
CAN-2003-0119
NOTE: not-for-us (AIX)
CAN-2003-0118
@@ -4126,24 +4115,24 @@
CAN-2003-0109
NOTE: not-for-us (Microsoft)
CAN-2003-0108
- NOTE: covered by DSA-255
+ {DSA-255}
- tcpdump 3.7.1-1.2
CAN-2003-0106
NOTE: not-for-us (Symantec Enterprise Firewall)
CAN-2003-0105
NOTE: not-for-us (ServerMask)
CAN-2003-0102
- NOTE: covered by DSA-260
+ {DSA-260}
CAN-2003-0101
- NOTE: covered by DSA-319
+ {DSA-319}
CAN-2003-0099
- NOTE: covered by DSA-277
+ {DSA-277}
CAN-2003-0098
- NOTE: covered by DSA-277
+ {DSA-277}
CAN-2003-0096
NOTE: not-for-us (Oracle)
CAN-2003-0093
- NOTE: covered by DSA-261
+ {DSA-261}
CAN-2003-0092
NOTE: not-for-us (Solaris)
CAN-2003-0091
@@ -4153,44 +4142,44 @@
CAN-2003-0089
NOTE: not-for-us (HP-UX)
CAN-2003-0086
- NOTE: covered by DSA-262
+ {DSA-262}
CAN-2003-0085
- NOTE: covered by DSA-262
+ {DSA-262}
CAN-2003-0084
NOTE: mod_auth_any not in Debian
CAN-2003-0083
- apache2 2.0.46
- apache 1.3.25
CAN-2003-0082
- NOTE: covered by DSA-266
+ {DSA-266}
CAN-2003-0081
- NOTE: covered by DSA-258
+ {DSA-258}
CAN-2003-0080
- gnome-lokkit 0.50.22-4
CAN-2003-0078
- NOTE: covered by DSA-253
+ {DSA-253}
CAN-2003-0076
- dcgui 0.2.2
CAN-2003-0074
- plptools 0.12-0
CAN-2003-0073
- NOTE: covered by DSA-303
+ {DSA-303}
CAN-2003-0072
- NOTE: covered by DSA-266
+ {DSA-266}
CAN-2003-0071
- NOTE: covered by DSA-380
+ {DSA-380}
CAN-2003-0068
- NOTE: covered by DSA-496
+ {DSA-496}
CAN-2003-0063
- NOTE: covered by DSA-380
+ {DSA-380}
CAN-2003-0061
NOTE: reserved
CAN-2003-0060
- krb5 1.2.4
CAN-2003-0057
- NOTE: covered by DSA-248
+ {DSA-248}
CAN-2003-0056
- NOTE: covered by DSA-252
+ {DSA-252}
CAN-2003-0049
NOTE: not-for-us (MacOS)
CAN-2003-0048
@@ -4200,22 +4189,22 @@
CAN-2003-0046
NOTE: not-for-us (commercial ssh clients)
CAN-2003-0044
- NOTE: covered by DSA-246
+ {DSA-246}
CAN-2003-0043
- NOTE: covered by DSA-246
+ {DSA-246}
CAN-2003-0042
- NOTE: covered by DSA-246
+ {DSA-246}
CAN-2003-0041
NOTE: verified sarge version of krb5-clients not vulnerable
NOTE: nothing in changelogs
CAN-2003-0040
- NOTE: covered by DSA-247
+ {DSA-247}
CAN-2003-0039
- NOTE: covered by DSA-245
+ {DSA-245}
CAN-2003-0038
- NOTE: covered by DSA-436
+ {DSA-436}
CAN-2003-0037
- NOTE: covered by DSA-244
+ {DSA-244}
CAN-2003-0036
NOTE: not-for-us (ml85p, as included in the printer-drivers package for Mandrake Linux)
CAN-2003-0035
@@ -4225,39 +4214,39 @@
NOTE: chooser/mtinkc.c's version, which goes into mtinkc
NOTE: it's not installed setuid or setgid, so this is not exploitable
CAN-2003-0033
- NOTE: covered by DSA-297
+ {DSA-297}
CAN-2003-0032
- NOTE: covered by DSA-228
+ {DSA-228}
CAN-2003-0031
- NOTE: covered by DSA-228
+ {DSA-228}
CAN-2003-0030
NOTE: not-for-us (Protegrity Secure.Data Extension Feature)
CAN-2003-0029
NOTE: reserved
CAN-2003-0028
- NOTE: covered by DSA-266
+ {DSA-282 DSA-272 DSA-266}
CAN-2003-0026
- NOTE: covered by DSA-231
+ {DSA-231}
CAN-2003-0025
- NOTE: covered by DSA-229
+ {DSA-229}
CAN-2003-0020
- apache2 2.0.49
- apache 1.3.29.0.2-4
CAN-2003-0018
- NOTE: covered by DSA-358
+ {DSA-423 DSA-358}
CAN-2003-0017
- apache2 2.0.44
CAN-2003-0016
- apache2 2.0.44
CAN-2003-0015
- NOTE: covered by DSA-233
+ {DSA-233}
- cvs 1.11.2-5.1
CAN-2003-0014
NOTE: reserved
CAN-2003-0013
- NOTE: covered by DSA-230
+ {DSA-230}
CAN-2003-0012
- NOTE: covered by DSA-230
+ {DSA-230}
CAN-2003-0011
NOTE: not-for-us (Microsoft)
CAN-2003-0010
@@ -4268,21 +4257,21 @@
NOTE: reserved
CAN-2003-0005
NOTE: reserved
-CAN-2003-0001
- NOTE: covered by DSA-336
begin claimed by pdwerryh-guest
+CAN-2003-0001
+ {DSA-442 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311}
CAN-2002-1583
NOTE: not-for-us (IBM DB2)
CAN-2002-1582
NOTE: mailreader. Affects 2.3.30 and 2.3.31.
NOTE: Sarge uses 2.3.29.
CAN-2002-1581
- NOTE: covered by DSA-534
+ {DSA-534}
- mailreader 2.3.29-9
CAN-2002-1580
- NOTE: covered by DSA-215
+ {DSA-215}
- cyrus-imapd 1.5.19-9.10
CAN-2002-1579
NOTE: not for us (SAP)
@@ -4293,7 +4282,7 @@
CAN-2002-1576
NOTE: not for us (SAP)
CAN-2002-1575
- NOTE: covered by DSA-437
+ {DSA-437}
- cgiemail 1.6-20
CAN-2002-1573
NOTE: reserved
@@ -4315,7 +4304,6 @@
CAN-2002-1566
- netris 0.52-1
CAN-2002-1565
- NOTE: covered by DSA-209
- wget 1.8.1-6.1
CAN-2002-1564
NOTE: not-for-us (microsoft)
@@ -4323,7 +4311,7 @@
- stunnel4 4.04-1
- stunnel 2:3.24-1
CAN-2002-1562
- NOTE: covered by DSA-396
+ {DSA-396}
- thttpd 2.23beta1-2.3
CAN-2002-1561
NOTE: not-for-us (microsoft)
@@ -4374,7 +4362,7 @@
CAN-2002-1512
NOTE: not-for-us (BRU)
CAN-2002-1508
- NOTE: covered by DSA-227
+ {DSA-227}
- openldap2 2.0.27-3
CAN-2002-1507
NOTE: not-for-us (Unreal)
@@ -4415,10 +4403,10 @@
CAN-2002-1480
NOTE: phpGB not in Debian
CAN-2002-1478
- NOTE: covered by DSA-164
+ {DSA-164}
- cacti 0.6.8a-2
CAN-2002-1477
- NOTE: covered by DSA-164
+ {DSA-164}
- cacti 0.6.8a-2
CAN-2002-1475
NOTE: not-for-us (HPUX)
@@ -4493,7 +4481,7 @@
CAN-2002-1426
NOTE: not-for-us (HP)
CAN-2002-1425
- NOTE: covered by DSA-141
+ {DSA-141}
- mpack 1.5-9
CAN-2002-1423
NOTE: vuln in fudforum before 2.2.0. fudforum in phpgroupware-fudforum
@@ -4509,7 +4497,7 @@
CAN-2002-1415
NOTE: not-for-us (Webeasymail)
CAN-2002-1412
- NOTE: covered by DSA-138
+ {DSA-138}
- gallery 1.3-1
CAN-2002-1411
NOTE: not-for-us (Duma)
@@ -4522,112 +4510,112 @@
CAN-2002-1406
NOTE: not-for-us (HPUX)
CAN-2002-1405
- NOTE: covered by DSA-210
+ {DSA-210}
- lynx 2.8.4.1b-3.2
- lynx-ssl 1:2.8.4.1b-3.1
CAN-2002-1404
NOTE: rejected
CAN-2002-1403
- NOTE: covered by DSA-219
+ {DSA-219}
NOTE: Debian sarge uses dhcp > 2.0
CAN-2002-1402
- NOTE: covered by DSA-165
+ {DSA-165}
- postgresql 7.2.2-2
CAN-2002-1401
- NOTE: covered by DSA-165
+ {DSA-165}
- postgresql 7.2.2-2
CAN-2002-1400
- NOTE: covered by DSA-165
+ {DSA-165}
- postgresql 7.2.2-2
CAN-2002-1399
- postgresql 7.2.2-2
CAN-2002-1398
- NOTE: covered by DSA-165
+ {DSA-165}
- postgresql 7.2.2-2
CAN-2002-1397
- postgresql 7.2.2-2
CAN-2002-1395
- NOTE: covered by DSA-202
+ {DSA-202}
- im 141-20
CAN-2002-1394
- NOTE: covered by DSA-225
+ {DSA-225}
NOTE: no problem in sarge packages
CAN-2002-1393
- NOTE: covered by DSA-234
+ {DSA-243 DSA-242 DSA-241 DSA-240 DSA-239 DSA-238 DSA-237 DSA-236 DSA-235 DSA-234}
NOTE: KDE2 not in sarge
CAN-2002-1390
- NOTE: covered by DSA-223
+ {DSA-223}
- geneweb 4.09-1
CAN-2002-1389
- NOTE: covered by DSA-217
+ {DSA-217}
- typespeed 0.4.2-2
CAN-2002-1388
- NOTE: covered by DSA-221
+ {DSA-221}
- mhonarc 2.5.14-1
CAN-2002-1387
- NOTE: covered by DSA-254
+ {DSA-254}
- traceroute-nanog 6.3.0-1
CAN-2002-1386
- NOTE: covered by DSA-254
+ {DSA-254}
- traceroute-nanog 6.3.0-1
CAN-2002-1384
- NOTE: covered by DSA-222
+ {DSA-232 DSA-226 DSA-222}
- xpdf 3.00-9
CAN-2002-1383
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1380
- NOTE: covered by DSA-336
+ {DSA-336}
- kernel-source-2.2.25 2.2.25-2
CAN-2002-1379
- NOTE: covered by DSA-227
+ {DSA-227}
- openldap2 2.0.27-3
CAN-2002-1378
- NOTE: covered by DSA-227
+ {DSA-227}
- openldap2 2.0.27-3
CAN-2002-1376
- NOTE: covered by DSA-212
+ {DSA-212}
NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1375
- NOTE: covered by DSA-212
+ {DSA-212}
NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1374
- NOTE: covered by DSA-212
+ {DSA-212}
NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1373
- NOTE: covered by DSA-212
+ {DSA-212}
NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1372
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1371
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1370
NOTE: reserved
CAN-2002-1369
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1368
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1367
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1366
- NOTE: covered by DSA-232
+ {DSA-232}
- cupsys 1.1.18-1
CAN-2002-1365
- NOTE: covered by DSA-216
+ {DSA-216}
- fetchmail 6.2.0-1
CAN-2002-1364
- NOTE: covered by DSA-254
+ {DSA-254}
- traceroute-nanog 6.3.0-1
CAN-2002-1363
- NOTE: covered by DSA-213
+ {DSA-213}
- libpng3 1.2.5-8
CAN-2002-1362
- NOTE: covered by DSA-211
+ {DSA-211}
NOTE: micq not in sarge
CAN-2002-1360
NOTE: Debian uses openssh, not vulnerable
@@ -4650,10 +4638,10 @@
CAN-2002-1351
NOTE: reserved
CAN-2002-1350
- NOTE: covered by DSA-206
+ {DSA-206}
- tcpdump 3.6.2-2.2
CAN-2002-1348
- NOTE: covered by DSA-249
+ {DSA-251 DSA-250 DSA-249}
- w3mmee 0.3.p24.17-3
CAN-2002-1347
- libsasl2 2.1.10-1
@@ -4663,15 +4651,15 @@
NOTE: multiple ftp client issues
TODO: check wget, ftp, ncftp, etc.
CAN-2002-1344
- NOTE: covered by DSA-209
+ {DSA-209}
- wget 1.8.1-6.1
CAN-2002-1343
NOTE: reserved
CAN-2002-1342
- NOTE: covered by DSA-203
+ {DSA-203}
- smb2www 980804-17
CAN-2002-1341
- NOTE: covered by DSA-220
+ {DSA-220}
- squirrelmail 1:1.3.2-2
CAN-2002-1340
NOTE: not-for-us (Office Web Components)
@@ -4680,10 +4668,10 @@
CAN-2002-1338
NOTE: not-for-us (Office Web Components)
CAN-2002-1337
- NOTE: covered by DSA-257
+ {DSA-257}
NOTE: problem in sendmail 8.12, sarge uses 8.13
CAN-2002-1335
- NOTE: covered by DSA-249
+ {DSA-251 DSA-250 DSA-249}
- w3mmee 0.3.p24.17-3
CAN-2002-1334
NOTE: not-for-us (BizDesign)
@@ -4704,14 +4692,14 @@
CAN-2002-1324
NOTE: reserved
CAN-2002-1323
- NOTE: covered by DSA-208
+ {DSA-208}
- perl 5.8.0-14
CAN-2002-1322
NOTE: not-for-us (ClearCase)
CAN-2002-1321
NOTE: Realplayer not in Sarge
CAN-2002-1318
- NOTE: covered by DSA-200
+ {DSA-200}
NOTE: Problem in Samba 2, sarge uses Samba 3.
CAN-2002-1316
NOTE: not-for-us (iPlanet)
@@ -4720,22 +4708,22 @@
CAN-2002-1314
NOTE: reserved
CAN-2002-1313
- NOTE: covered by DSA-198
+ {DSA-198}
- nullmailer 1.00RC5-17
CAN-2002-1312
NOTE: reserved
CAN-2002-1311
- NOTE: covered by DSA-197
+ {DSA-197}
- courier 0.40.0-1
CAN-2002-1310
NOTE: not-for-us (Macromedia)
CAN-2002-1309
NOTE: not-for-us (Macromedia)
CAN-2002-1307
- NOTE: covered by DSA-199
+ {DSA-199}
- mhonarc 2.5.13-1
CAN-2002-1306
- NOTE: covered by DSA-214
+ {DSA-214}
- kdenetwork 2.2.2-14.20
CAN-2002-1305
NOTE: reserved
@@ -4747,11 +4735,11 @@
NOTE: reserved
CAN-2002-1301
NOTE: reserved
-CAN-2002-1300
- NOTE: reserved
end claimed by pdwerryh-guest
+CAN-2002-1300
+ NOTE: reserved
CAN-2002-1299
NOTE: reserved
CAN-2002-1298
@@ -4759,57 +4747,73 @@
CAN-2002-1297
NOTE: reserved
CAN-2002-1295
+ TODO: check
CAN-2002-1294
+ TODO: check
CAN-2002-1293
+ TODO: check
CAN-2002-1292
+ TODO: check
CAN-2002-1291
+ TODO: check
CAN-2002-1290
+ TODO: check
CAN-2002-1289
+ TODO: check
CAN-2002-1288
+ TODO: check
CAN-2002-1287
+ TODO: check
CAN-2002-1286
+ TODO: check
CAN-2002-1285
+ TODO: check
CAN-2002-1283
+ TODO: check
CAN-2002-1282
- NOTE: covered by DSA-204
+ {DSA-204}
CAN-2002-1281
- NOTE: covered by DSA-204
+ {DSA-204}
CAN-2002-1280
NOTE: reserved
CAN-2002-1279
- NOTE: covered by DSA-194
+ {DSA-194}
CAN-2002-1277
- NOTE: covered by DSA-190
+ {DSA-190}
CAN-2002-1276
- NOTE: covered by DSA-191
+ {DSA-191}
CAN-2002-1275
- NOTE: covered by DSA-192
+ {DSA-192}
CAN-2002-1274
NOTE: reserved
CAN-2002-1273
NOTE: reserved
CAN-2002-1271
- NOTE: covered by DSA-386
+ {DSA-386}
CAN-2002-1269
+ TODO: check
CAN-2002-1263
NOTE: rejected
CAN-2002-1262
+ TODO: check
CAN-2002-1261
NOTE: rejected
CAN-2002-1259
NOTE: rejected
CAN-2002-1258
+ TODO: check
CAN-2002-1254
+ TODO: check
CAN-2002-1251
- NOTE: covered by DSA-186
+ {DSA-186}
CAN-2002-1249
NOTE: reserved
CAN-2002-1247
- NOTE: covered by DSA-193
+ {DSA-193}
CAN-2002-1246
NOTE: reserved
CAN-2002-1245
- NOTE: covered by DSA-189
+ {DSA-189}
CAN-2002-1243
NOTE: reserved
CAN-2002-1241
@@ -4817,41 +4821,51 @@
CAN-2002-1240
NOTE: reserved
CAN-2002-1238
+ TODO: check
CAN-2002-1237
NOTE: reserved
CAN-2002-1235
- NOTE: covered by DSA-183
+ {DSA-185 DSA-184 DSA-183}
CAN-2002-1234
NOTE: rejected
CAN-2002-1233
- NOTE: covered by DSA-187
+ {DSA-195 DSA-188 DSA-187}
CAN-2002-1232
- NOTE: covered by DSA-180
+ {DSA-180}
CAN-2002-1229
+ TODO: check
CAN-2002-1228
+ TODO: check
CAN-2002-1227
- NOTE: covered by DSA-177
+ {DSA-177}
CAN-2002-1226
- NOTE: covered by DSA-178
+ {DSA-178}
CAN-2002-1225,
- NOTE: covered by DSA-178
+ {DSA-178}
CAN-2002-1225
+ TODO: check
CAN-2002-1221
- NOTE: covered by DSA-196
+ {DSA-196}
CAN-2002-1220
- NOTE: covered by DSA-196
+ {DSA-196}
CAN-2002-1219
- NOTE: covered by DSA-196
+ {DSA-196}
CAN-2002-1218
NOTE: reserved
CAN-2002-1217
+ TODO: check
CAN-2002-1216
+ TODO: check
CAN-2002-1215
- NOTE: covered by DSA-174
+ {DSA-174}
CAN-2002-1213
+ TODO: check
CAN-2002-1212
+ TODO: check
CAN-2002-1210
+ TODO: check
CAN-2002-1209
+ TODO: check
CAN-2002-1208
NOTE: reserved
CAN-2002-1207
@@ -4861,29 +4875,41 @@
CAN-2002-1205
NOTE: reserved
CAN-2002-1204
+ TODO: check
CAN-2002-1203
+ TODO: check
CAN-2002-1202
+ TODO: check
CAN-2002-1201
+ TODO: check
CAN-2002-1200
- NOTE: covered by DSA-175
+ {DSA-175}
CAN-2002-1196
- NOTE: covered by DSA-173
+ {DSA-173}
CAN-2002-1195
- NOTE: covered by DSA-169
+ {DSA-169}
CAN-2002-1194
+ TODO: check
CAN-2002-1193
- NOTE: covered by DSA-172
+ {DSA-172}
CAN-2002-1192
+ TODO: check
CAN-2002-1191
+ TODO: check
CAN-2002-1190
+ TODO: check
CAN-2002-1181
+ TODO: check
CAN-2002-1177
+ TODO: check
CAN-2002-1176
+ TODO: check
CAN-2002-1175,
- NOTE: covered by DSA-171
+ {DSA-171}
CAN-2002-1175
+ TODO: check
CAN-2002-1174
- NOTE: covered by DSA-171
+ {DSA-171}
CAN-2002-1173
NOTE: reserved
CAN-2002-1172
@@ -4891,371 +4917,633 @@
CAN-2002-1171
NOTE: reserved
CAN-2002-1168
+ TODO: check
CAN-2002-1167
+ TODO: check
CAN-2002-1166
+ TODO: check
CAN-2002-1165
+ TODO: check
CAN-2002-1161
NOTE: rejected
CAN-2002-1159
- NOTE: covered by DSA-224
+ {DSA-224}
CAN-2002-1158
- NOTE: covered by DSA-224
+ {DSA-224}
CAN-2002-1157
- NOTE: covered by DSA-181
+ {DSA-181}
CAN-2002-1156
- apache2 2.0.43
CAN-2002-1155
+ TODO: check
CAN-2002-1151
- NOTE: covered by DSA-167
+ {DSA-167}
CAN-2002-1150
+ TODO: check
CAN-2002-1149
+ TODO: check
CAN-2002-1148
- NOTE: covered by DSA-170
+ {DSA-170}
CAN-2002-1145
+ TODO: check
CAN-2002-1144
NOTE: reserved
CAN-2002-1143
+ TODO: check
CAN-2002-1136
NOTE: reserved
CAN-2002-1134
+ TODO: check
CAN-2002-1133
+ TODO: check
CAN-2002-1132
- NOTE: covered by DSA-191
+ {DSA-191}
CAN-2002-1131
- NOTE: covered by DSA-191
+ {DSA-191}
CAN-2002-1130
NOTE: reserved
CAN-2002-1129
+ TODO: check
CAN-2002-1128
+ TODO: check
CAN-2002-1127
+ TODO: check
CAN-2002-1125
+ TODO: check
CAN-2002-1124
- NOTE: covered by DSA-166
+ {DSA-166}
CAN-2002-1121
+ TODO: check
CAN-2002-1120
+ TODO: check
CAN-2002-1119
- NOTE: covered by DSA-159
+ {DSA-159}
CAN-2002-1116
- NOTE: covered by DSA-161
+ {DSA-161}
CAN-2002-1115
- NOTE: covered by DSA-161
+ {DSA-161}
CAN-2002-1114
- NOTE: covered by DSA-153
+ {DSA-153}
CAN-2002-1113
- NOTE: covered by DSA-153
+ {DSA-153}
CAN-2002-1112
- NOTE: covered by DSA-153
+ {DSA-153}
CAN-2002-1111
- NOTE: covered by DSA-153
+ {DSA-153}
CAN-2002-1110
- NOTE: covered by DSA-153
+ {DSA-153}
CAN-2002-1103
+ TODO: check
CAN-2002-1101
+ TODO: check
CAN-2002-1100
+ TODO: check
CAN-2002-1094
+ TODO: check
CAN-2002-1090
+ TODO: check
CAN-2002-1089
+ TODO: check
CAN-2002-1087
+ TODO: check
CAN-2002-1086
+ TODO: check
CAN-2002-1085
+ TODO: check
CAN-2002-1084
+ TODO: check
CAN-2002-1083
+ TODO: check
CAN-2002-1082
+ TODO: check
CAN-2002-1080
+ TODO: check
CAN-2002-1078
+ TODO: check
CAN-2002-1077
+ TODO: check
CAN-2002-1075
+ TODO: check
CAN-2002-1073
+ TODO: check
CAN-2002-1072
+ TODO: check
CAN-2002-1071
+ TODO: check
CAN-2002-1070
+ TODO: check
CAN-2002-1069
+ TODO: check
CAN-2002-1068
+ TODO: check
CAN-2002-1067
+ TODO: check
CAN-2002-1066
+ TODO: check
CAN-2002-1065
+ TODO: check
CAN-2002-1064
+ TODO: check
CAN-2002-1063
+ TODO: check
CAN-2002-1062
+ TODO: check
CAN-2002-1061
+ TODO: check
CAN-2002-1058
+ TODO: check
CAN-2002-1055
+ TODO: check
CAN-2002-1052
+ TODO: check
CAN-2002-1051
- NOTE: covered by DSA-254
+ {DSA-254}
CAN-2002-1048
+ TODO: check
CAN-2002-1047
+ TODO: check
CAN-2002-1045
+ TODO: check
CAN-2002-1044
+ TODO: check
CAN-2002-1043
+ TODO: check
CAN-2002-1042
+ TODO: check
CAN-2002-1041
+ TODO: check
CAN-2002-1040
+ TODO: check
CAN-2002-1038
+ TODO: check
CAN-2002-1037
+ TODO: check
CAN-2002-1036
+ TODO: check
CAN-2002-1034
+ TODO: check
CAN-2002-1033
+ TODO: check
CAN-2002-1032
+ TODO: check
CAN-2002-1029
+ TODO: check
CAN-2002-1028
+ TODO: check
CAN-2002-1027
+ TODO: check
CAN-2002-1026
+ TODO: check
CAN-2002-1023
+ TODO: check
CAN-2002-1022
+ TODO: check
CAN-2002-1021
+ TODO: check
CAN-2002-1020
+ TODO: check
CAN-2002-1019
+ TODO: check
CAN-2002-1018
+ TODO: check
CAN-2002-1017
+ TODO: check
CAN-2002-1016
+ TODO: check
CAN-2002-1012
+ TODO: check
CAN-2002-1011
+ TODO: check
CAN-2002-1010
+ TODO: check
CAN-2002-1009
+ TODO: check
CAN-2002-1008
+ TODO: check
CAN-2002-1007
+ TODO: check
CAN-2002-1005
+ TODO: check
CAN-2002-1003
+ TODO: check
CAN-2002-1001
+ TODO: check
CAN-2002-0999
+ TODO: check
CAN-2002-0998
+ TODO: check
CAN-2002-0997
+ TODO: check
CAN-2002-0996
+ TODO: check
CAN-2002-0994
+ TODO: check
CAN-2002-0993
+ TODO: check
CAN-2002-0992
+ TODO: check
CAN-2002-0991
+ TODO: check
CAN-2002-0986
- NOTE: covered by DSA-168
+ {DSA-168}
CAN-2002-0985
- NOTE: covered by DSA-168
+ {DSA-168}
CAN-2002-0983
- NOTE: covered by DSA-157
+ {DSA-157}
CAN-2002-0982
+ TODO: check
CAN-2002-0980
+ TODO: check
CAN-2002-0979
+ TODO: check
CAN-2002-0978
+ TODO: check
CAN-2002-0977
+ TODO: check
CAN-2002-0976
+ TODO: check
CAN-2002-0975
+ TODO: check
CAN-2002-0973
+ TODO: check
CAN-2002-0972
- NOTE: covered by DSA-165
+ {DSA-165}
CAN-2002-0971
+ TODO: check
CAN-2002-0970
- NOTE: covered by DSA-155
+ {DSA-155}
CAN-2002-0966
+ TODO: check
CAN-2002-0963
+ TODO: check
CAN-2002-0962
+ TODO: check
CAN-2002-0961
+ TODO: check
CAN-2002-0960
+ TODO: check
CAN-2002-0959
+ TODO: check
CAN-2002-0957
+ TODO: check
CAN-2002-0956
+ TODO: check
CAN-2002-0955
+ TODO: check
CAN-2002-0954
+ TODO: check
CAN-2002-0951
+ TODO: check
CAN-2002-0950
+ TODO: check
CAN-2002-0949
+ TODO: check
CAN-2002-0948
+ TODO: check
CAN-2002-0944
+ TODO: check
CAN-2002-0943
+ TODO: check
CAN-2002-0942
+ TODO: check
CAN-2002-0940
+ TODO: check
CAN-2002-0939
+ TODO: check
CAN-2002-0937
+ TODO: check
CAN-2002-0936
+ TODO: check
CAN-2002-0934
+ TODO: check
CAN-2002-0933
+ TODO: check
CAN-2002-0932
+ TODO: check
CAN-2002-0931
+ TODO: check
CAN-2002-0930
+ TODO: check
CAN-2002-0929
+ TODO: check
CAN-2002-0928
+ TODO: check
CAN-2002-0926
+ TODO: check
CAN-2002-0925
+ TODO: check
CAN-2002-0924
+ TODO: check
CAN-2002-0923
+ TODO: check
CAN-2002-0922
+ TODO: check
CAN-2002-0921
+ TODO: check
CAN-2002-0920
+ TODO: check
CAN-2002-0919
+ TODO: check
CAN-2002-0918
+ TODO: check
CAN-2002-0917
+ TODO: check
CAN-2002-0915
+ TODO: check
CAN-2002-0913
+ TODO: check
CAN-2002-0912
+ TODO: check
CAN-2002-0910
+ TODO: check
CAN-2002-0909
+ TODO: check
CAN-2002-0908
+ TODO: check
CAN-2002-0907
+ TODO: check
CAN-2002-0905
+ TODO: check
CAN-2002-0903
+ TODO: check
CAN-2002-0902
+ TODO: check
CAN-2002-0901
+ TODO: check
CAN-2002-0899
+ TODO: check
CAN-2002-0896
+ TODO: check
CAN-2002-0894
+ TODO: check
CAN-2002-0893
+ TODO: check
CAN-2002-0888
+ TODO: check
CAN-2002-0886
+ TODO: check
CAN-2002-0885
+ TODO: check
CAN-2002-0884
+ TODO: check
CAN-2002-0883
+ TODO: check
CAN-2002-0882
+ TODO: check
CAN-2002-0881
+ TODO: check
CAN-2002-0880
+ TODO: check
CAN-2002-0879
+ TODO: check
CAN-2002-0878
+ TODO: check
CAN-2002-0877
+ TODO: check
CAN-2002-0876
+ TODO: check
CAN-2002-0874
- NOTE: covered by DSA-150
+ {DSA-150}
CAN-2002-0870
+ TODO: check
CAN-2002-0869
+ TODO: check
CAN-2002-0868
NOTE: reserved
CAN-2002-0863
+ TODO: check
CAN-2002-0862
+ TODO: check
CAN-2002-0861
+ TODO: check
CAN-2002-0858
+ TODO: check
CAN-2002-0857
+ TODO: check
CAN-2002-0855
- NOTE: covered by DSA-147
+ {DSA-147}
CAN-2002-0854
+ TODO: check
CAN-2002-0852
+ TODO: check
CAN-2002-0849
+ TODO: check
CAN-2002-0843
- NOTE: covered by DSA-187
+ {DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
CAN-2002-0841
NOTE: rejected
CAN-2002-0840
- NOTE: covered by DSA-187
+ {DSA-195 DSA-188 DSA-187}
- apache2 2.0.43-1
- apache 1.3.27-0.1
CAN-2002-0839
- NOTE: covered by DSA-187
+ {DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
CAN-2002-0838
- NOTE: covered by DSA-176
+ {DSA-182 DSA-179 DSA-176}
CAN-2002-0837
+ TODO: check
CAN-2002-0836
- NOTE: covered by DSA-207
+ {DSA-207}
CAN-2002-0834
- NOTE: covered by DSA-162
+ {DSA-162}
CAN-2002-0833
+ TODO: check
CAN-2002-0832
+ TODO: check
CAN-2002-0828
NOTE: rejected
CAN-2002-0827
+ TODO: check
CAN-2002-0825
+ TODO: check
CAN-2002-0822
+ TODO: check
CAN-2002-0821
+ TODO: check
CAN-2002-0820
+ TODO: check
CAN-2002-0819
+ TODO: check
CAN-2002-0815
+ TODO: check
CAN-2002-0812
+ TODO: check
CAN-2002-0811
+ TODO: check
CAN-2002-0807
+ TODO: check
CAN-2002-0803
+ TODO: check
CAN-2002-0800
+ TODO: check
CAN-2002-0799
+ TODO: check
CAN-2002-0798
+ TODO: check
CAN-2002-0797
+ TODO: check
CAN-2002-0796
+ TODO: check
CAN-2002-0793
+ TODO: check
CAN-2002-0792
+ TODO: check
CAN-2002-0791
+ TODO: check
CAN-2002-0787
+ TODO: check
CAN-2002-0786
+ TODO: check
CAN-2002-0784
+ TODO: check
CAN-2002-0783
+ TODO: check
CAN-2002-0782
+ TODO: check
CAN-2002-0781
+ TODO: check
CAN-2002-0780
+ TODO: check
CAN-2002-0779
+ TODO: check
CAN-2002-0775
+ TODO: check
CAN-2002-0774
+ TODO: check
CAN-2002-0773
+ TODO: check
CAN-2002-0772
+ TODO: check
CAN-2002-0771
+ TODO: check
CAN-2002-0770
+ TODO: check
CAN-2002-0769
+ TODO: check
CAN-2002-0767
+ TODO: check
CAN-2002-0764
+ TODO: check
CAN-2002-0763
+ TODO: check
CAN-2002-0757
+ TODO: check
CAN-2002-0756
+ TODO: check
CAN-2002-0753
+ TODO: check
CAN-2002-0752
+ TODO: check
CAN-2002-0751
+ TODO: check
CAN-2002-0750
+ TODO: check
CAN-2002-0749
+ TODO: check
CAN-2002-0747
+ TODO: check
CAN-2002-0746
+ TODO: check
CAN-2002-0745
+ TODO: check
CAN-2002-0744
+ TODO: check
CAN-2002-0743
+ TODO: check
CAN-2002-0742
+ TODO: check
CAN-2002-0740
+ TODO: check
CAN-2002-0739
+ TODO: check
CAN-2002-0735
+ TODO: check
CAN-2002-0732
+ TODO: check
CAN-2002-0731
+ TODO: check
CAN-2002-0730
+ TODO: check
CAN-2002-0728
- NOTE: covered by DSA-140
+ {DSA-140}
CAN-2002-0725
+ TODO: check
CAN-2002-0724
+ TODO: check
CAN-2002-0723
+ TODO: check
CAN-2002-0721
+ TODO: check
CAN-2002-0717
+ TODO: check
CAN-2002-0715
+ TODO: check
CAN-2002-0713
+ TODO: check
CAN-2002-0712
+ TODO: check
CAN-2002-0711
+ TODO: check
CAN-2002-0709
+ TODO: check
CAN-2002-0708
+ TODO: check
CAN-2002-0707
+ TODO: check
CAN-2002-0706
+ TODO: check
CAN-2002-0705
+ TODO: check
CAN-2002-0702
+ TODO: check
CAN-2002-0699
+ TODO: check
CAN-2002-0693
+ TODO: check
CAN-2002-0690
+ TODO: check
CAN-2002-0689
NOTE: reserved
CAN-2002-0686
+ TODO: check
CAN-2002-0684
+ TODO: check
CAN-2002-0683
+ TODO: check
CAN-2002-0681
+ TODO: check
CAN-2002-0680
+ TODO: check
CAN-2002-0677
+ TODO: check
CAN-2002-0675
+ TODO: check
CAN-2002-0670
+ TODO: check
CAN-2002-0669
+ TODO: check
CAN-2002-0667
+ TODO: check
CAN-2002-0666
- NOTE: covered by DSA-201
+ {DSA-201}
CAN-2002-0664
+ TODO: check
CAN-2002-0662
- NOTE: covered by DSA-160
+ {DSA-160}
CAN-2002-0661
- apache2 2.0.40
CAN-2002-0660
- NOTE: covered by DSA-140
+ {DSA-140}
CAN-2002-0659
- NOTE: covered by DSA-136
+ {DSA-136}
CAN-2002-0657
- NOTE: covered by DSA-136
+ {DSA-136}
CAN-2002-0656
- NOTE: covered by DSA-136
-CAN-2002-0655
- NOTE: covered by DSA-136
+ {DSA-136}
-NOTE: this is approximatly the release of woody, so we can stop here
+STOP: this is approximatly the release of woody, so we can stop here
CAN-2002-0654
- apache2 2.0.40
Deleted: sarge-checks/CAN/makelist.pl
===================================================================
--- sarge-checks/CAN/makelist.pl 2004-12-03 18:53:27 UTC (rev 158)
+++ sarge-checks/CAN/makelist.pl 2004-12-03 19:38:54 UTC (rev 159)
@@ -1,64 +0,0 @@
-#!/usr/bin/perl
-# TODO: updates from newer versions of the full_can.html and dsa list.
-my $full_can_html=shift;
-my $dsa_list=shift;
-
-my %cans;
-
-open (DSA, "<$dsa_list") || die "$dsa_list: $!\n";
-my $dsa;
-while (<DSA>) {
- if (/^\[/) {
- ($dsa)=m/(DSA-.*?) /;
- }
- if (/\{(CAN|CVE)/) {
- my ($canlist)=m/\{(.*)\}/;
- foreach my $can (split ' ', $canlist) {
- $can=~s/CVE-/CAN-/g;
- next unless $can=~/^CAN-\d+/;
- $cans{$can}{can}=$can;
- $cans{$can}{dsa}=$dsa;
- $can=~s/CAN-/CVE-/g;
- $cans{$can}{can}=$can;
- $cans{$can}{dsa}=$dsa;
- }
- }
-}
-
-my %listedcans;
-
-open (FULL_CAN, "<$full_can_html") || die "$full_can_html: $!\n";
-my $can;
-while (<FULL_CAN>) {
- if (m!<b>(CAN-\d+-\d+)</b>!) {
- $can=$1;
- $cans{$can}{can}=$can;
- $listedcans{$can}=1;
- }
- elsif (m!<b>(CVE-\d+-\d+)</b>!) {
- $can=$1;
- $cans{$can}{can}=$can;
- $listedcans{$can}=1;
- }
- if (m!\*\*\s+RESERVED\s+\*\*!) {
- $cans{$can}{reserved}=1;
-
- }
- if (m!\*\*\s+REJECT\s+\*\*!) {
- $cans{$can}{rejected}=1;
- }
-}
-foreach my $can (reverse sort { $cans{$a}{can} cmp $cans{$b}{can} } keys %cans) {
- next unless $listedcans{$can};
- print "$can\n";
- if ($cans{$can}{reserved}) {
- print "\tNOTE: reserved\n";
- }
- if ($cans{$can}{rejected}) {
- print "\tNOTE: rejected\n";
- }
- if ($cans{$can}{dsa}) {
- print "\tNOTE: covered by $cans{$can}{dsa}\n";
- }
-
-}
Copied: sarge-checks/CAN/update.pl (from rev 152, sarge-checks/CAN/makelist.pl)
===================================================================
--- sarge-checks/CAN/makelist.pl 2004-11-28 20:45:07 UTC (rev 152)
+++ sarge-checks/CAN/update.pl 2004-12-03 19:38:54 UTC (rev 159)
@@ -0,0 +1,118 @@
+#!/usr/bin/perl
+my $full_can_html=shift;
+my $dsa_list=shift;
+my $our_list=shift;
+
+my %cans;
+
+open (DSA, "<$dsa_list") || die "$dsa_list: $!\n";
+my $dsa;
+while (<DSA>) {
+ if (/^\[/) {
+ ($dsa)=m/(DSA-.*?) /;
+ }
+ if (/\{(CAN|CVE)/) {
+ my ($canlist)=m/\{(.*)\}/;
+ foreach my $can (split ' ', $canlist) {
+ $can=~s/CVE-/CAN-/g;
+ next unless $can=~/^CAN-\d+/;
+ $cans{$can}{can}=$can;
+ push @{$cans{$can}{dsa}}, $dsa;
+ $can=~s/CAN-/CVE-/g;
+ $cans{$can}{can}=$can;
+ push @{$cans{$can}{dsa}}, $dsa;
+ }
+ }
+}
+close DSA;
+
+my %listedcans;
+
+open (FULL_CAN, "<$full_can_html") || die "$full_can_html: $!\n";
+my $can;
+while (<FULL_CAN>) {
+ if (m!<b>(CAN-\d+-\d+)</b>!) {
+ $can=$1;
+ $cans{$can}{can}=$can;
+ $listedcans{$can}=1;
+ }
+ elsif (m!<b>(CVE-\d+-\d+)</b>!) {
+ $can=$1;
+ $cans{$can}{can}=$can;
+ $listedcans{$can}=1;
+ }
+ if (m!\*\*\s+RESERVED\s+\*\*!) {
+ $cans{$can}{reserved}=1;
+
+ }
+ if (m!\*\*\s+REJECT\s+\*\*!) {
+ $cans{$can}{rejected}=1;
+ }
+}
+close FULL_CAN;
+#foreach my $can (reverse sort { $cans{$a}{can} cmp $cans{$b}{can} } keys %cans) {
+# next unless $listedcans{$can};
+# print "$can\n";
+# if ($cans{$can}{reserved}) {
+# print "\tNOTE: reserved\n";
+# }
+# if ($cans{$can}{rejected}) {
+# print "\tNOTE: rejected\n";
+# }
+# if ($cans{$can}{dsa}) {
+# print "\t{".join(" ", @{$cans{$can}{dsa}})."}\n";
+# }
+#}
+
+open (IN, "<$our_list") || die "$our_list: $!\n";
+my $can;
+while (<IN>) {
+ chomp;
+ if (/^((?:CAN|CVE)-.*)/) {
+ if ($can) {
+ print "$can\n";
+ if ($cans{$can}{reserved}) {
+ print "\tNOTE: reserved\n";
+ }
+ if ($cans{$can}{rejected}) {
+ print "\tNOTE: rejected\n";
+ }
+ if ($cans{$can}{dsa}) {
+ print "\t{".join(" ", @{$cans{$can}{dsa}})."}\n";
+ }
+ if ($cans{$can}{notes}) {
+ foreach (@{$cans{$can}{notes}}) {
+ print "\t$_\n";
+ }
+ }
+ if (! $cans{$can}{reserved} && ! $cans{$can}{rejected} &&
+ ! $cans{$can}{dsa} && ! $cans{$can}{notes}) {
+ print "\tTODO: check\n";
+ }
+
+ delete $cans{$can};
+ }
+ $can=$1;
+ }
+ elsif (/^\s+NOTE:\s*(reserved|rejected)\s*$/) {
+ # skip it
+ }
+ elsif (/^\s+NOTE: covered by DSA.*/) {
+ # skip it (old form)
+ }
+ elsif (/^\s+(.*)/ && $can) {
+ push @{$cans{$can}{notes}}, $1;
+ }
+ elsif (/^STOP/) {
+ print "$_\n";
+ last;
+ }
+ else {
+ print "$_\n";
+ }
+}
+# Print out anything after a STOP marker.
+while (<IN>) {
+ print $_;
+}
+close IN;