[Secure-testing-commits] r196 - sarge-checks/CAN

Joey Hess joeyh@haydn.debian.org
Mon, 13 Dec 2004 13:21:43 -0700


Author: joeyh
Date: 2004-12-13 13:21:29 -0700 (Mon, 13 Dec 2004)
New Revision: 196

Modified:
   sarge-checks/CAN/list
Log:
update


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2004-12-13 20:16:14 UTC (rev 195)
+++ sarge-checks/CAN/list	2004-12-13 20:21:29 UTC (rev 196)
@@ -1,6 +1,6 @@
 CAN-2004-1171
-	- kdelibs (unfixed; bug filed)
-	- kdebase (unfixed; bug filed)
+	- kdelibs 4:3.3.1-2
+	- kdebase 4:3.3.1-3
 CAN-2004-1170
 	- a2ps 1:4.13b-4.2
 CAN-2004-1169
@@ -12,7 +12,7 @@
 CAN-2004-1166
 	NOTE: not-for-us (Microsoft)
 CAN-2004-1165
-	- konqueror (unfixed; bug filed)
+	- konqueror (unfixed; bug #285128)
 CAN-2004-1164
 	NOTE: not-for-us (Cisco)
 CAN-2004-1163
@@ -27,10 +27,15 @@
 	NOTE: rejected
 CAN-2004-1158
 	TODO: check
+	NOTE: unable to really reproduce it using their test page
+	NOTE: vulnerale version is unclear. What's the -6 in the version
+	NOTE: numer the reference? RedHat revision?
 CAN-2004-1157
 	NOTE: not-for-us (Opera)
 CAN-2004-1156
 	TODO: check
+	NOTE: unable to really reproduce it using their test page and
+	NOTE: firefox.. but my setup is pretty nonstandard -- joey
 CAN-2004-1155
 	NOTE: not-for-us (Microsoft MSIE)
 CAN-2004-1154
@@ -3596,7 +3601,6 @@
 	NOTE: fixed in linux 2.4.21
 CAN-2003-0466
 	{DSA-357}
-	TODO: check
 CAN-2003-0465 strncpy in kernel does not pad with zeroes
 	- kernel-source-2.4.27 (unfixed; bug #280492)
 	NOTE: generic .c version fixed in 2.6.x but not in 2.4.x