[Secure-testing-commits] r199 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Wed, 15 Dec 2004 13:09:13 -0700
Author: joeyh
Date: 2004-12-15 13:08:48 -0700 (Wed, 15 Dec 2004)
New Revision: 199
Modified:
sarge-checks/CAN/list
Log:
check today's CANs
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-12-15 16:14:32 UTC (rev 198)
+++ sarge-checks/CAN/list 2004-12-15 20:08:48 UTC (rev 199)
@@ -1,91 +1,94 @@
CAN-2004-1233
- TODO: check
+ NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1232
- TODO: check
+ NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1231
- TODO: check
+ NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1230
- TODO: check
+ NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1229
- TODO: check
+ NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1228
- TODO: check
+ NOTE: not-for-us (SugarCRM Sugar Sales)
CAN-2004-1227
- TODO: check
+ NOTE: not-for-us (SugarCRM Sugar Sales)
CAN-2004-1226
- TODO: check
+ NOTE: not-for-us (SugarCRM Sugar Sales)
CAN-2004-1225
- TODO: check
+ NOTE: not-for-us (SugarCRM Sugar Sales)
CAN-2004-1224
- TODO: check
+ - mtr 0.67-1
CAN-2004-1223
- TODO: check
+ NOTE: not-for-us (F-Secure Policy Manager)
CAN-2004-1222
- TODO: check
+ NOTE: not-for-us (weblibs.pl)
CAN-2004-1221
- TODO: check
+ NOTE: not-for-us (weblibs.pl)
CAN-2004-1220
- TODO: check
+ NOTE: not-for-us (Battlefield 1942, Battlefield Vietnam)
CAN-2004-1219
- TODO: check
+ NOTE: not-for-us (paFileDB)
CAN-2004-1218
- TODO: check
+ NOTE: not-for-us (Remote Execute)
CAN-2004-1217
- TODO: check
+ NOTE: not-for-us (Hosting Controller)
CAN-2004-1216
- TODO: check
+ NOTE: not-for-us (Kreed)
CAN-2004-1215
- TODO: check
+ NOTE: not-for-us (Kreed)
CAN-2004-1214
- TODO: check
+ NOTE: not-for-us (Kreed)
CAN-2004-1213
- TODO: check
+ NOTE: not-for-us (Advanced Guestbook)
CAN-2004-1212
- TODO: check
+ NOTE: not-for-us (Blog Torrent)
CAN-2004-1211
- TODO: check
+ NOTE: not-for-us (Mercury Mail)
CAN-2004-1210
- TODO: check
+ NOTE: not-for-us (IpCop)
CAN-2004-1209
- TODO: check
+ NOTE: not-for-us (Verisign Payflow Link)
CAN-2004-1208
- TODO: check
+ NOTE: not-for-us (Orbz)
CAN-2004-1207
- TODO: check
+ NOTE: not-for-us (The Serious engine, as used in (1) Alpha Black Zero, (2) Nitro family, and (3) Serious Sam Second Encounter)
CAN-2004-1206
- TODO: check
+ NOTE: not-for-us (pnTresMailer)
CAN-2004-1205
- TODO: check
+ NOTE: not-for-us (pnTresMailer)
CAN-2004-1204
- TODO: check
+ NOTE: at best a local DOS by the user running fluxbox.
+ NOTE: Where's the security hole?
+ - fluxbox (unfixed; bug filed)
CAN-2004-1203
- TODO: check
+ NOTE: not-for-us (phpCMS)
CAN-2004-1202
- TODO: check
+ NOTE: not-for-us (phpCMS)
CAN-2004-1201
- TODO: check
+ NOTE: not-for-us (Opera)
CAN-2004-1200
- TODO: check
+ NOTE: memory leak, doubt it's usefully exploitable
+ NOTE: did not followup
CAN-2004-1199
- TODO: check
+ NOTE: not-for-us (Safari)
CAN-2004-1198
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2004-1197
- TODO: check
+ NOTE: not-for-us (inShop)
CAN-2004-1196
- TODO: check
+ NOTE: not-for-us (Insite Inmail)
CAN-2004-1195
- TODO: check
+ NOTE: not-for-us (Star Wars Battlefront)
CAN-2004-1194
- TODO: check
+ NOTE: not-for-us (Star Wars Battlefront)
CAN-2004-1193
- TODO: check
+ NOTE: not-for-us (Prevex Home)
CAN-2004-1192
- TODO: check
+ NOTE: not-for-us (Citadel/UX)
CAN-2004-1191
- TODO: check
+ TODO: check with kernel team
CAN-2004-1190
- TODO: check
+ TODO: check with kernel team
CAN-2004-1189
NOTE: reserved
CAN-2004-1188
@@ -119,7 +122,7 @@
CAN-2004-1174
NOTE: reserved
CAN-2004-1173
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2004-1172
NOTE: reserved
CAN-2004-1171
@@ -169,15 +172,15 @@
CAN-2004-1152
NOTE: reserved
CAN-2004-1151
- TODO: check with kernel people
+ NOTE: only affects amd64 per ubuntu
CAN-2004-1150
NOTE: reserved
CAN-2004-1149
NOTE: reserved
CAN-2004-1148
- TODO: check
+ - phpmyadmin 2:2.6.1-rc1-1
CAN-2004-1147
- TODO: check
+ - phpmyadmin 2:2.6.1-rc1-1
CAN-2004-1146
NOTE: reserved
CAN-2004-1145
@@ -197,7 +200,7 @@
CAN-2004-1138
NOTE: reserved
CAN-2004-1137
- TODO: check
+ TODO: check with kernel team
CAN-2004-1136
NOTE: not-for-us (CuteFTP)
CAN-2004-1135
@@ -432,13 +435,13 @@
- imlib (unfixed; bug #284925)
- imlib-png2 (unfixed; bug #284925)
CAN-2004-1025
- TODO: check
+ NOTE: fixed in patches for CAN-2004-1026
CAN-2004-1024
NOTE: reserved
CAN-2004-1023
- TODO: check
+ NOTE: not-for-us (Kerio)
CAN-2004-1022
- TODO: check
+ NOTE: not-for-us (Kerio)
CAN-2004-1021
NOTE: not-for-us (MacOS)
CAN-2004-1020
@@ -450,7 +453,7 @@
CAN-2004-1017
NOTE: reserved
CAN-2004-1016
- TODO: check
+ TODO: check with kernel team
CAN-2004-1015
NOTE: cyrus-imapd not vulnerable
NOTE: cyrus21-imapd not vulnerable
@@ -739,11 +742,11 @@
- mozilla 1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0901
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0900
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0899
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0898
NOTE: reserved
CAN-2004-0897
@@ -753,9 +756,9 @@
CAN-2004-0895
NOTE: reserved
CAN-2004-0894
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0893
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0892
NOTE: not-for-us (Microsoft)
CAN-2004-0891
@@ -1445,13 +1448,13 @@
CAN-2004-0572
NOTE: not-for-us (Windows)
CAN-2004-0571
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-0570
NOTE: reserved
CAN-2004-0569
NOTE: not-for-us (Windows)
CAN-2004-0568
- TODO: check
+ NOTE: not-for-us (HyperTerminal)
CAN-2004-0567
NOTE: reserved
CAN-2004-0566