[Secure-testing-commits] r126 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Tue, 16 Nov 2004 13:43:13 -0700
Author: joeyh
Date: 2004-11-16 13:43:06 -0700 (Tue, 16 Nov 2004)
New Revision: 126
Modified:
sarge-checks/CAN/list
Log:
checked more 2003 CANs
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-11-16 19:51:30 UTC (rev 125)
+++ sarge-checks/CAN/list 2004-11-16 20:43:06 UTC (rev 126)
@@ -1784,8 +1784,10 @@
NOTE: covered by DSA-463
CAN-2004-0184
NOTE: covered by DSA-478
+ - tcpdump 3.7.2-4
CAN-2004-0183
NOTE: covered by DSA-478
+ - tcpdump 3.7.2-4
CAN-2004-0182
NOTE: not-for-us (mailman; RedHat specific bug)
CAN-2004-0181
@@ -2459,7 +2461,7 @@
NOTE: this file is not used in Debian, so it's not a problem for us.
NOTE: source package still distributes the file, however.
TODO: submitted to BTS. waiting for response.
- - openslp (unfixed; bug #279973
+ - openslp (unfixed; bug #279973; only problem in source package)
CAN-2003-0874
NOTE: not-for-us (Deskpro)
CAN-2003-0873
@@ -3317,7 +3319,7 @@
CAN-2003-0466
NOTE: covered by DSA-357
CAN-2003-0465 strncpy in kernel does not pad with zeroes
- TODO: (unfixed; bug #280492)
+ - kernel-source-2.4.27 (unfixed; bug #280492)
NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
NOTE: arch specific asm versions:
NOTE: x86 is not affected
@@ -3740,7 +3742,7 @@
CAN-2003-0264
NOTE: not-for-us (SLMail)
CAN-2003-0263
- TODO: not-for-us (FTGatePro)
+ NOTE: not-for-us (FTGatePro)
CAN-2003-0262
NOTE: covered by DSA-299
CAN-2003-0261
@@ -3871,28 +3873,28 @@
CAN-2003-0199
NOTE: reserved
CAN-2003-0198
- TODO: check
+ NOTE: not-for-us (MacOS)
CAN-2003-0197
- TODO: check
+ NOTE: not-for-us (Interbase Database)
CAN-2003-0196
NOTE: covered by DSA-280
CAN-2003-0195
NOTE: covered by DSA-317
CAN-2003-0194
- TODO: check
+ NOTE: apparently a redhat specific compilation prolem of tcpdump
CAN-2003-0193
NOTE: covered by DSA-576-1
- catdoc 0.91.5-2
CAN-2003-0192
- apache2 2.0.47
CAN-2003-0190
- TODO: check
+ - ssh (unfixed; bug filed)
CAN-2003-0189
- apache2 2.0.46
CAN-2003-0188
NOTE: covered by DSA-304
CAN-2003-0187
- TODO: check
+ NOTE: only affects kernel 2.4.19, 2.4.20.
CAN-2003-0186
NOTE: reserved
CAN-2003-0185
@@ -3904,51 +3906,51 @@
CAN-2003-0182
NOTE: reserved
CAN-2003-0181
- TODO: check
+ NOTE: not-for-us (Lotus Domino Web Server)
CAN-2003-0180
- TODO: check
+ NOTE: not-for-us (Lotus Domino Web Server)
CAN-2003-0179
- TODO: check
+ NOTE: not-for-us (Lotus Domino Web Server)
CAN-2003-0178
- TODO: check
+ NOTE: not-for-us (Lotus Domino Web Server)
CAN-2003-0177
- TODO: check
+ NOTE: not-for-us (IRIX)
CAN-2003-0176
- TODO: check
+ NOTE: not-for-us (IRIX)
CAN-2003-0175
- TODO: check
+ NOTE: not-for-us (IRIX)
CAN-2003-0174
- - apache2 2.0.49
+ NOTE: not-for-us (IRIX)
CAN-2003-0173
NOTE: covered by DSA-283
CAN-2003-0172
- TODO: check
+ NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
CAN-2003-0171
- TODO: check
+ NOTE: not-for-us (MacOS)
CAN-2003-0170
- TODO: check
+ NOTE: not-for-us (AIX)
CAN-2003-0169
- TODO: check
+ NOTE: not-for-us (HP Instant TopTools)
CAN-2003-0168
- TODO: check
+ NOTE: not-for-us (Apple QuickTime Player)
CAN-2003-0167
NOTE: covered by DSA-274
CAN-2003-0166
- TODO: check
+ NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
CAN-2003-0165
- TODO: check
+ - eog 2.2.1
CAN-2003-0164
NOTE: reserved
CAN-2003-0163
- TODO: check
+ NOTE: Gaim-Encryption Plugin not in debian
CAN-2003-0162
NOTE: covered by DSA-271
CAN-2003-0161
NOTE: covered by DSA-278
CAN-2003-0160
- TODO: check
+ - squirrelmail 1:1.2.11
CAN-2003-0159
- TODO: check
+ - ethereal 0.9.10
CAN-2003-0158
NOTE: rejected
CAN-2003-0157
@@ -3964,13 +3966,13 @@
CAN-2003-0152
NOTE: covered by DSA-265
CAN-2003-0151
- TODO: check
+ NOTE: not-for-us (BEA WebLogic Server)
CAN-2003-0150
NOTE: covered by DSA-303
CAN-2003-0149
- TODO: check
+ NOTE: not-for-us (McAfee ePolicy Orchestrator)
CAN-2003-0148
- TODO: check
+ NOTE: not-for-us (McAfee ePolicy Orchestrator)
CAN-2003-0147
NOTE: covered by DSA-288
CAN-2003-0146
@@ -3982,9 +3984,9 @@
CAN-2003-0143
NOTE: covered by DSA-259
CAN-2003-0142
- TODO: check
+ NOTE: not-for-us (acroread)
CAN-2003-0141
- TODO: check
+ NOTE: not-for-us (Real)
CAN-2003-0140
NOTE: covered by DSA-268
CAN-2003-0139
@@ -3992,61 +3994,62 @@
CAN-2003-0138
NOTE: covered by DSA-266
CAN-2003-0137
- TODO: check
+ NOTE: not-for-us (Nokia Serving GPRS support node)
CAN-2003-0136
NOTE: covered by DSA-285
-CAN-2003-0135
- TODO: check
+CAN-2003-0135
+ NOTE: red-hat specific compilation problem of vsftpd
CAN-2003-0134
- apache2 2.0.46
CAN-2003-0133
- TODO: check
+ - evolution 1.2.4
CAN-2003-0132
- apache2 2.0.45
CAN-2003-0131
NOTE: covered by DSA-288
CAN-2003-0130
- TODO: check
+ - evolution 1.2.3
CAN-2003-0129
- TODO: check
+ - evolution 1.2.3
CAN-2003-0128
- TODO: check
+ - evolution 1.2.3
CAN-2003-0127
NOTE: covered by DSA-270
CAN-2003-0126
- TODO: check
+ NOTE: not-for-us (SOHO Routefinder 550 firmware)
CAN-2003-0121
- TODO: check
+ NOTE: not-for-us (Clearswift MAILsweeper)
CAN-2003-0120
NOTE: covered by DSA-256
CAN-2003-0119
- TODO: check
+ NOTE: not-for-us (AIX)
CAN-2003-0118
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0117
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0116
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0115
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0114
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0113
- - apache2 2.0.49
+ NOTE: not-for-us (Microsoft)
CAN-2003-0112
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0111
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0110
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0109
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2003-0108
NOTE: covered by DSA-255
+ - tcpdump 3.7.1-1.2
CAN-2003-0106
- TODO: check
+ NOTE: not-for-us (Symantec Enterprise Firewall)
CAN-2003-0105
- TODO: check
+ NOTE: not-for-us (ServerMask)
CAN-2003-0102
NOTE: covered by DSA-260
CAN-2003-0101
@@ -4056,37 +4059,38 @@
CAN-2003-0098
NOTE: covered by DSA-277
CAN-2003-0096
- TODO: check
+ NOTE: not-for-us (Oracle)
CAN-2003-0093
NOTE: covered by DSA-261
CAN-2003-0092
- TODO: check
+ NOTE: not-for-us (Solaris)
CAN-2003-0091
- TODO: check
+ NOTE: not-for-us (Solaris)
CAN-2003-0090
NOTE: rejected
CAN-2003-0089
- TODO: check
+ NOTE: not-for-us (HP-UX)
CAN-2003-0086
NOTE: covered by DSA-262
CAN-2003-0085
NOTE: covered by DSA-262
CAN-2003-0084
- TODO: check
+ NOTE: mod_auth_any not in Debian
CAN-2003-0083
- apache2 2.0.46
+ - apache 1.3.25
CAN-2003-0082
NOTE: covered by DSA-266
CAN-2003-0081
NOTE: covered by DSA-258
CAN-2003-0080
- TODO: check
+ - gnome-lokkit 0.50.22-4
CAN-2003-0078
NOTE: covered by DSA-253
CAN-2003-0076
- TODO: check
+ - dcgui 0.2.2
CAN-2003-0074
- TODO: check
+ - plptools 0.12-0
CAN-2003-0073
NOTE: covered by DSA-303
CAN-2003-0072