[Secure-testing-commits] r201 - in sarge-checks: CAN DSA
Joey Hess
joeyh@haydn.debian.org
Fri, 17 Dec 2004 11:04:37 -0700
Author: joeyh
Date: 2004-12-17 11:04:25 -0700 (Fri, 17 Dec 2004)
New Revision: 201
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-12-15 20:38:57 UTC (rev 200)
+++ sarge-checks/CAN/list 2004-12-17 18:04:25 UTC (rev 201)
@@ -172,7 +172,8 @@
CAN-2004-1152
NOTE: reserved
CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
- NOTE: only affects amd64 per ubuntu
+ NOTE: fixed in kernel team svn
+ TODO: track fix
CAN-2004-1150
NOTE: reserved
CAN-2004-1149
@@ -200,7 +201,8 @@
CAN-2004-1138
NOTE: reserved
CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel ...)
- TODO: check with kernel team
+ NOTE: Fixed in kernel team svn
+ TODO: track fix
CAN-2004-1136 (Buffer overflow in CuteFTP Professional 6.0, and possibly other ...)
NOTE: not-for-us (CuteFTP)
CAN-2004-1135 (Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow ...)
@@ -453,7 +455,8 @@
CAN-2004-1017
NOTE: reserved
CAN-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to ...)
- TODO: check with kernel team
+ NOTE: fixed in kernel team svn
+ TODO: track fix
CAN-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, ...)
NOTE: cyrus-imapd not vulnerable
NOTE: cyrus21-imapd not vulnerable
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2004-12-15 20:38:57 UTC (rev 200)
+++ sarge-checks/DSA/list 2004-12-17 18:04:25 UTC (rev 201)
@@ -1,4 +1,7 @@
-[14 Dev 2004] DSA-609-1 atari800 - buffer overflows
+[17 Dev 2004] DSA-610-1 cscope - insecure temporary file
+ {CAN-2004-0996}
+ - cscope 15.5-1
+[14 Dec 2004] DSA-609-1 atari800 - buffer overflows
{CAN-2004-1076}
- atari800 1.3.2-1
[14 Dec 2004] DSA-608-1 zgv - integer overflows, unsanitised input