[Secure-testing-commits] r188 - in sarge-checks: CAN DSA

Joey Hess joeyh@haydn.debian.org
Thu, 09 Dec 2004 14:53:04 -0700 

Author: joeyh
Date: 2004-12-09 14:51:14 -0700 (Thu, 09 Dec 2004)
New Revision: 188

Modified:
   sarge-checks/CAN/list
   sarge-checks/DSA/list
Log:
updates


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2004-12-09 21:20:15 UTC (rev 187)
+++ sarge-checks/CAN/list	2004-12-09 21:51:14 UTC (rev 188)
@@ -2523,7 +2523,7 @@
 CAN-2003-0967
 	- freeradius 0.9.2-4
 CAN-2003-0996
-	TODO: check
+	NOTE: not-for-us (Computer Associates (CA) Unicenter Remote Control)
 CAN-2003-0965
 	{DSA-436}
 CAN-2003-0964
@@ -2707,7 +2707,6 @@
 	NOTE: openslp: slpd.all_init symlink vuln
 	NOTE: this file is not used in Debian, so it's not a problem for us.
 	NOTE: source package still distributes the file, however.
-	TODO: submitted to BTS. waiting for response.
 	- openslp (unfixed; bug #279973; only problem in source package)
 CAN-2003-0874
 	NOTE: not-for-us (Deskpro)
@@ -3558,7 +3557,7 @@
 CAN-2003-0467
 	NOTE: fixed in linux 2.4.21
 CAN-2003-0466
-	TODO: check
+	{DSA-357}
 CAN-2003-0465 strncpy in kernel does not pad with zeroes
 	- kernel-source-2.4.27 (unfixed; bug #280492)
 	NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
@@ -4911,29 +4910,29 @@
 CAN-2002-1297
 	NOTE: reserved
 CAN-2002-1295
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1294
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1293
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1292
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1291
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1290
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1289
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1288
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1287
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1286
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1285
-	TODO: check
+	NOTE: not-for-us (SuSE-specific lprfilter package)
 CAN-2002-1283
-	TODO: check
+	NOTE: not-for-us (Novell iManager (eMFrame))
 CAN-2002-1282
 	{DSA-204}
 CAN-2002-1281
@@ -4955,19 +4954,19 @@
 CAN-2002-1271
 	{DSA-386}
 CAN-2002-1269
-	TODO: check
+	NOTE: not-for-us (MacOS)
 CAN-2002-1263
 	NOTE: rejected
 CAN-2002-1262
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1261
 	NOTE: rejected
 CAN-2002-1259
 	NOTE: rejected
 CAN-2002-1258
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1254
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1251
 	{DSA-186}
 CAN-2002-1249
@@ -4985,7 +4984,7 @@
 CAN-2002-1240
 	NOTE: reserved
 CAN-2002-1238
-	TODO: check
+	NOTE: not-for-us (Peter Sandvik's Simple Web Server)
 CAN-2002-1237
 	NOTE: reserved
 CAN-2002-1235
@@ -4997,9 +4996,9 @@
 CAN-2002-1232
 	{DSA-180}
 CAN-2002-1229
-	TODO: check
+	NOTE: not-for-us (Avaya Cajun switches)
 CAN-2002-1228
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2002-1227
 	{DSA-177}
 CAN-2002-1226
@@ -5015,19 +5014,19 @@
 CAN-2002-1218
 	NOTE: reserved
 CAN-2002-1217
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1216
-	TODO: check
+	- tar 1.13.25
 CAN-2002-1215
 	{DSA-174}
 CAN-2002-1213
-	TODO: check
+	NOTE: not-for-us (RadioBird Software WebServer 4 Everyone)
 CAN-2002-1212
-	TODO: check
+	NOTE: not-for-us (RadioBird Software WebServer 4 Everyone)
 CAN-2002-1210
-	TODO: check
+	NOTE: not-for-us (Eudora)
 CAN-2002-1209
-	TODO: check
+	NOTE: not-for-us (SolarWinds TFTP Server)
 CAN-2002-1208
 	NOTE: reserved
 CAN-2002-1207
@@ -5037,13 +5036,13 @@
 CAN-2002-1205
 	NOTE: reserved
 CAN-2002-1204
-	TODO: check
+	NOTE: not-for-us (Netscape Communicator 4.x)
 CAN-2002-1203
-	TODO: check
+	NOTE: not-for-us (IBM SecureWay Firewall)
 CAN-2002-1202
-	TODO: check
+	NOTE: not-for-us (HP Tru64 UNIX)
 CAN-2002-1201
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2002-1200
 	{DSA-175}
 CAN-2002-1196

Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list	2004-12-09 21:20:15 UTC (rev 187)
+++ sarge-checks/DSA/list	2004-12-09 21:51:14 UTC (rev 188)
@@ -1,7 +1,6 @@
 [08 Dec 2004] DSA-606-1 nfs-utils - wrong signal handler
 	{CAN-2004-1014}
-	- nfs-utils (unfixed; no bug filed)
-	TODO: check/file bug
+	- nfs-utils (unfixed; bug filed)
 [06 Dec 2004] DSA-605-1 viewcvs - settings not honored
 	{CAN-2004-0915}
 	- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.2
@@ -810,6 +809,7 @@
 	{CAN-2003-0461 CAN-2003-0462 CAN-2003-0476 CAN-2003-0501 CAN-2003-0550 CAN-2003-0551 CAN-2003-0552 CAN-2003-0018 CAN-2003-0619 CAN-2003-0643}
 	NOTE: 2.4.18/2.4.20 not in unstable/testing. Did not check newer ones.
 [31 Jul 2003] DSA-357 wu-ftpd - remote root exploit
+	{CAN-2003-046}
 	- wu-ftpd 2.6.2-12
 [30 Jul 2003] DSA-356 xtokkaetama - buffer overflows
 	{CAN-2003-0611}