[Secure-testing-commits] r130 - sarge-checks/CAN
Paul Dwerryhouse
pdwerryh-guest@haydn.debian.org
Thu, 18 Nov 2004 06:07:23 -0700
Author: pdwerryh-guest
Date: 2004-11-18 06:07:11 -0700 (Thu, 18 Nov 2004)
New Revision: 130
Modified:
sarge-checks/CAN/list
Log:
completed my latest block, couple of TODOs remaining
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-11-17 23:37:27 UTC (rev 129)
+++ sarge-checks/CAN/list 2004-11-18 13:07:11 UTC (rev 130)
@@ -4195,8 +4195,8 @@
CAN-2002-1583
NOTE: not-for-us (IBM DB2)
CAN-2002-1582
- NOTE: mailreader. not clear if this was fixed.
- TODO: check
+ NOTE: mailreader. Affects 2.3.30 and 2.3.31.
+ NOTE: Sarge uses 2.3.29.
CAN-2002-1581
NOTE: covered by DSA-534
- mailreader 2.3.29-9
@@ -4333,167 +4333,280 @@
NOTE: phpGB not in Debian
CAN-2002-1478
NOTE: covered by DSA-164
+ - cacti 0.6.8a-2
CAN-2002-1477
NOTE: covered by DSA-164
+ - cacti 0.6.8a-2
CAN-2002-1475
+ NOTE: not-for-us (HPUX)
CAN-2002-1474
+ NOTE: not-for-us (HPUX)
CAN-2002-1473
+ NOTE: not-for-us (HPUX)
CAN-2002-1470
+ NOTE: not-for-us (Shoutcase)
CAN-2002-1467
+ - flashplugin-nonfree 6.0.61.0-1
CAN-2002-1466
+ NOTE: not-for-us (Cafelog)
CAN-2002-1465
+ NOTE: not-for-us (Cafelog)
CAN-2002-1464
+ NOTE: not-for-us (Cafelog)
CAN-2002-1462
+ NOTE: not-for-us (Organic PHP)
CAN-2002-1461
+ NOTE: not-for-us (Webshop Manager)
CAN-2002-1460
+ NOTE: L-Forum not in Debian
CAN-2002-1459
+ NOTE: L-Forum not in Debian
CAN-2002-1458
+ NOTE: L-Forum not in Debian
CAN-2002-1457
+ NOTE: L-Forum not in Debian
CAN-2002-1456
+ NOTE: not-for-us (mIRC)
CAN-2002-1455
+ NOTE: not-for-us (OmniHTTPD)
CAN-2002-1454
+ NOTE: not-for-us (MyWebServer)
CAN-2002-1453
+ NOTE: not-for-us (MyWebServer)
CAN-2002-1452
+ NOTE: not-for-us (MyWebServer)
CAN-2002-1451
+ NOTE: Blazix not in Debian
CAN-2002-1450
+ NOTE: not-for-us (IBM UniVerse)
CAN-2002-1449
+ NOTE: eUpload not in Debian
CAN-2002-1445
+ NOTE: CERN HTTPD not in Debian
CAN-2002-1444
+ NOTE: not-for-us (Google Toolbar)
CAN-2002-1442
+ NOTE: not-for-us (Google Toolbar)
CAN-2002-1441
+ NOTE: not-for-us (Tomahawk)
CAN-2002-1440
+ NOTE: not-for-us (Gateway)
CAN-2002-1439
+ NOTE: not-for-us (HPUX)
CAN-2002-1434
+ NOTE: not-for-us (Kerio)
CAN-2002-1433
+ NOTE: not-for-us (Kerio)
CAN-2002-1432
+ NOTE: not-for-us (MidiCart)
CAN-2002-1431
+ NOTE: not-for-us (Belkin)
CAN-2002-1429
+ NOTE: not-for-us (ShoutBox)
CAN-2002-1428
+ NOTE: dotproject not in Debian
CAN-2002-1427
+ NOTE: Easy Homepage Creator not in Debian
CAN-2002-1426
+ NOTE: not-for-us (HP)
CAN-2002-1425
NOTE: covered by DSA-141
+ - mpack 1.5-9
CAN-2002-1423
+ NOTE: hole in fudforum before 2.2.0
+ TODO: check if this is the same as in package phpgroupware-fudforum
+ TODO: have contacted phpgroupware developer to clarify
CAN-2002-1422
+ NOTE: hole in fudforum before 2.2.0
+ TODO: check if this is the same as in package phpgroupware-fudforum
+ TODO: have contacted phpgroupware developer to clarify
CAN-2002-1421
+ NOTE: hole in fudforum before 2.2.0
+ TODO: check if this is the same as in package phpgroupware-fudforum
+ TODO: have contacted phpgroupware developer to clarify
CAN-2002-1416
+ NOTE: not-for-us (Webeasymail)
CAN-2002-1415
+ NOTE: not-for-us (Webeasymail)
CAN-2002-1412
NOTE: covered by DSA-138
+ - gallery 1.3-1
CAN-2002-1411
+ NOTE: not-for-us (Duma)
CAN-2002-1410
+ NOTE: not-for-us (East Guestbook)
CAN-2002-1409
+ NOTE: not-for-us (HPUX)
CAN-2002-1408
+ NOTE: not-for-us (HP Openview)
CAN-2002-1406
+ NOTE: not-for-us (HPUX)
CAN-2002-1405
NOTE: covered by DSA-210
+ - lynx 2.8.4.1b-3.2
+ - lynx-ssl 1:2.8.4.1b-3.1
CAN-2002-1404
NOTE: rejected
CAN-2002-1403
NOTE: covered by DSA-219
+ NOTE: Debian sarge uses dhcp > 2.0
CAN-2002-1402
+ NOTE: covered by DSA-165
+ - postgresql 7.2.2-2
CAN-2002-1401
NOTE: covered by DSA-165
+ - postgresql 7.2.2-2
CAN-2002-1400
NOTE: covered by DSA-165
+ - postgresql 7.2.2-2
CAN-2002-1399
+ - postgresql 7.2.2-2
CAN-2002-1398
NOTE: covered by DSA-165
+ - postgresql 7.2.2-2
CAN-2002-1397
+ - postgresql 7.2.2-2
CAN-2002-1395
NOTE: covered by DSA-202
+ - im 141-20
CAN-2002-1394
NOTE: covered by DSA-225
+ NOTE: no problem in sarge packages
CAN-2002-1393
NOTE: covered by DSA-234
+ NOTE: KDE2 not in sarge
CAN-2002-1390
NOTE: covered by DSA-223
+ - geneweb 4.09-1
CAN-2002-1389
NOTE: covered by DSA-217
+ - typespeed 0.4.2-2
CAN-2002-1388
NOTE: covered by DSA-221
+ - mhonarc 2.5.14-1
CAN-2002-1387
NOTE: covered by DSA-254
+ - traceroute-nanog 6.3.0-1
CAN-2002-1386
NOTE: covered by DSA-254
+ - traceroute-nanog 6.3.0-1
CAN-2002-1384
NOTE: covered by DSA-222
+ - xpdf 3.00-9
CAN-2002-1383
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1380
NOTE: covered by DSA-336
+ - kernel-source-2.2.25 2.2.25-2
CAN-2002-1379
NOTE: covered by DSA-227
+ - openldap2 2.0.27-3
CAN-2002-1378
NOTE: covered by DSA-227
+ - openldap2 2.0.27-3
CAN-2002-1376
NOTE: covered by DSA-212
+ NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1375
NOTE: covered by DSA-212
+ NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1374
NOTE: covered by DSA-212
+ NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1373
NOTE: covered by DSA-212
+ NOTE: bug in mysql 3, sarge uses mysql 4
CAN-2002-1372
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1371
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1370
NOTE: reserved
CAN-2002-1369
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1368
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1367
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1366
NOTE: covered by DSA-232
+ - cupsys 1.1.18-1
CAN-2002-1365
NOTE: covered by DSA-216
+ - fetchmail 6.2.0-1
CAN-2002-1364
NOTE: covered by DSA-254
+ - traceroute-nanog 6.3.0-1
CAN-2002-1363
NOTE: covered by DSA-213
+ - libpng3 1.2.5-8
CAN-2002-1362
NOTE: covered by DSA-211
+ NOTE: micq not in sarge
CAN-2002-1360
+ NOTE: Debian uses openssh, not vulnerable
CAN-2002-1359
+ NOTE: Debian uses openssh, not vulnerable
CAN-2002-1358
+ NOTE: Debian uses openssh, not vulnerable
CAN-2002-1357
+ NOTE: Debian uses openssh, not vulnerable
CAN-2002-1356
+ - ethereal 0.9.8-1
CAN-2002-1355
+ - ethereal 0.9.8-1
CAN-2002-1354
NOTE: reserved
CAN-2002-1353
NOTE: reserved
CAN-2002-1352
+ NOTE: not-for-us (CartMan)
CAN-2002-1351
NOTE: reserved
CAN-2002-1350
NOTE: covered by DSA-206
+ - tcpdump 3.6.2-2.2
CAN-2002-1348
NOTE: covered by DSA-249
+ - w3mmee 0.3.p24.17-3
CAN-2002-1347
+ - libsasl2 2.1.10-1
CAN-2002-1346
NOTE: reserved
CAN-2002-1345
+ NOTE: multiple ftp client issues
+ TODO: check wget, ftp, ncftp, etc.
CAN-2002-1344
NOTE: covered by DSA-209
+ - wget 1.8.1-6.1
CAN-2002-1343
NOTE: reserved
CAN-2002-1342
NOTE: covered by DSA-203
+ - smb2www 980804-17
CAN-2002-1341
NOTE: covered by DSA-220
- squirrelmail 1:1.3.2-2
CAN-2002-1340
+ NOTE: not-for-us (Office Web Components)
CAN-2002-1339
+ NOTE: not-for-us (Office Web Components)
CAN-2002-1338
+ NOTE: not-for-us (Office Web Components)
CAN-2002-1337
NOTE: covered by DSA-257
+ NOTE: problem in sendmail 8.12, sarge uses 8.13
CAN-2002-1335
NOTE: covered by DSA-249
+ - w3mmee 0.3.p24.17-3
CAN-2002-1334
+ NOTE: not-for-us (BizDesign)
CAN-2002-1333
NOTE: reserved
CAN-2002-1332
@@ -4512,26 +4625,38 @@
NOTE: reserved
CAN-2002-1323
NOTE: covered by DSA-208
+ - perl 5.8.0-14
CAN-2002-1322
+ NOTE: not-for-us (ClearCase)
CAN-2002-1321
+ NOTE: Realplayer not in Sarge
CAN-2002-1318
NOTE: covered by DSA-200
+ NOTE: Problem in Samba 2, sarge uses Samba 3.
CAN-2002-1316
+ NOTE: not-for-us (iPlanet)
CAN-2002-1315
+ NOTE: not-for-us (iPlanet)
CAN-2002-1314
NOTE: reserved
CAN-2002-1313
NOTE: covered by DSA-198
+ - nullmailer 1.00RC5-17
CAN-2002-1312
NOTE: reserved
CAN-2002-1311
NOTE: covered by DSA-197
+ - courier 0.40.0-1
CAN-2002-1310
+ NOTE: not-for-us (Macromedia)
CAN-2002-1309
+ NOTE: not-for-us (Macromedia)
CAN-2002-1307
NOTE: covered by DSA-199
+ - mhonarc 2.5.13-1
CAN-2002-1306
NOTE: covered by DSA-214
+ - kdenetwork 2.2.2-14.20
CAN-2002-1305
NOTE: reserved
CAN-2002-1304