[Secure-testing-commits] r207 - sarge-checks/CAN

Joey Hess joeyh@haydn.debian.org
Wed, 22 Dec 2004 10:53:43 -0700


Author: joeyh
Date: 2004-12-22 10:53:29 -0700 (Wed, 22 Dec 2004)
New Revision: 207

Modified:
   sarge-checks/CAN/list
Log:
updates from BTS


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2004-12-22 17:35:32 UTC (rev 206)
+++ sarge-checks/CAN/list	2004-12-22 17:53:29 UTC (rev 207)
@@ -11,7 +11,8 @@
 CAN-2004-1309
 	TODO: check
 CAN-2004-1308
-	TODO: check
+	- libtiff4 (unfixed; bug #286833)
+	TODO: other packages containing libtiff code may be vulnerable (kfax?)
 CAN-2004-1307
 	NOTE: reserved
 CAN-2004-1306
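Review bot: the new TODO under CAN-2004-1308 is open-ended. It names only kfax, with a question mark, and gives no criterion for when the check is finished. Suggest listing each candidate package that carries its own copy of libtiff code on a separate line, or pointing at a tracking bug, so the TODO can be closed once each one has been looked at.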
@@ -19,7 +20,7 @@
 CAN-2004-1305
 	NOTE: reserved
 CAN-2004-1304
-	TODO: check
+	- file (unfixed; bug #283316)
 CAN-2004-1303
 	TODO: check
 CAN-2004-1302
@@ -27,7 +28,7 @@
 CAN-2004-1301
 	TODO: check
 CAN-2004-1300
-	TODO: check
+	- libxine1 (unfixed; bug #285899)
 CAN-2004-1299
 	TODO: check
 CAN-2004-1298
@@ -36,10 +37,11 @@
 	TODO: check
 CAN-2004-1296
 	NOTE: reserved
+	- pic2graph (unfixed; bug #286371)
 CAN-2004-1295
 	TODO: check
 CAN-2004-1294
-	TODO: check
+	- tnftp (unfixed; bug #285902)
 CAN-2004-1293
 	TODO: check
 CAN-2004-1292
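Review bot: under CAN-2004-1296 the "NOTE: reserved" line is kept and the pic2graph line is added beneath it, so the entry now reads as both reserved and tracked against a package with an open bug. CAN-2004-1294 in the same hunk has its status line replaced outright. If the reserved note is meant to stay, a short NOTE saying the id comes from bug #286371 would make it clear the package line is deliberate and not a misplaced insertion.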
@@ -99,7 +101,7 @@
 CAN-2004-1265
 	TODO: check
 CAN-2004-1264
-	TODO: check
+	- chbg (unfixed; bug #285904)
 CAN-2004-1263
 	TODO: check
 CAN-2004-1262
@@ -111,7 +113,7 @@
 CAN-2004-1259
 	TODO: check
 CAN-2004-1258
-	TODO: check
+	- abcm2ps (unfixed; bug #285903)
 CAN-2004-1257
 	TODO: check
 CAN-2004-1256
@@ -254,7 +256,7 @@
 CAN-2004-1189
 	NOTE: reserved
 CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other ...)
-	TODO: check
+	- libxine1 (unfixed; bug #286077)
 CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine ...)
 	TODO: check
 CAN-2004-1186
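Review bot: CAN-2004-1187 on the following line describes a heap-based overflow in the same pnm_get_chunk function in xine and is left at "TODO: check", while CAN-2004-1188 is now tied to libxine1 and bug #286077. Worth confirming whether that bug covers both ids and, if it does, adding the libxine1 line under CAN-2004-1187 in the same commit.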
@@ -316,10 +318,8 @@
 CAN-2004-1159
 	NOTE: rejected
 CAN-2004-1158 (Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows ...)
-	TODO: check
-	NOTE: unable to really reproduce it using their test page
-	NOTE: vulnerale version is unclear. What's the -6 in the version
-	NOTE: numer the reference? RedHat revision?
+	- kdelibs 4:3.3.1-3
+	- kdebase (unfixed; bug #286516)
 CAN-2004-1157 (Opera 7.x up to 7.54, and possibly other versions, allows remote ...)
 	NOTE: not-for-us (Opera)
 CAN-2004-1156 (Mozilla through 1.7.x, and Mozilla Firefox through 1.x, allows remote ...)
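Review bot: the three NOTE lines removed from CAN-2004-1158 recorded that the issue could not be reproduced and that the vulnerable version was unclear, and the replacement lists kdelibs 4:3.3.1-3 without saying how those questions were settled. A one-line NOTE giving the source for that version (bug #286516 or a changelog entry) would preserve the reasoning, and would also explain why kdelibs carries a version while kdebase is still marked unfixed.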
@@ -349,10 +349,12 @@
 	NOTE: reserved
 CAN-2004-1145
 	NOTE: reserved
+	- kdelibs (unfixed; bug #286521)
 CAN-2004-1144
 	NOTE: reserved
 CAN-2004-1143
 	NOTE: reserved
+	- mailman (unfixed; bug #286796)
 CAN-2004-1142
 	NOTE: reserved
 CAN-2004-1141
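Review bot: CAN-2004-1145 and CAN-2004-1143 have no description text in the list, so after this change the kdelibs and mailman lines depend entirely on bugs #286521 and #286796 to say what the issue is. Suggest a short NOTE under each entry summarising the problem, so the list is still usable if the bug is retitled or merged.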