[Secure-testing-commits] r145 - sarge-checks/CVE

SALVETTI Djoum?? djoume-guest@haydn.debian.org
Mon, 22 Nov 2004 11:28:40 -0700


Author: djoume-guest
Date: 2004-11-22 11:28:14 -0700 (Mon, 22 Nov 2004)
New Revision: 145

Modified:
   sarge-checks/CVE/list
Log:
* processed my block and a few more.


Modified: sarge-checks/CVE/list
===================================================================
--- sarge-checks/CVE/list	2004-11-22 01:46:43 UTC (rev 144)
+++ sarge-checks/CVE/list	2004-11-22 18:28:14 UTC (rev 145)
@@ -164,8 +164,6 @@
 
 end claimed by wart
 
-begin claimed by djoume
-
 CVE-2003-1328
 	NOTE: not-for-us (windows)
 CVE-2003-1326
@@ -265,8 +263,6 @@
 	NOTE: covered by DSA-380
 CVE-2003-0070
 	- vte 0.11.10-1
-	NOTE: I have mailed maintainer to be 100% sure.
-	TODO: check
 CVE-2003-0069
 	- putty 0.54-1
 CVE-2003-0068
@@ -607,132 +603,157 @@
 CVE-2002-1361
 	NOTE: not-for-us (sun)
 CVE-2002-1350
+	- tcpdump 3.7.1-1.2
 	NOTE: covered by DSA-206
 CVE-2002-1349
-	TODO: check
+	NOTE: not-for-us (PC-cillin)
 CVE-2002-1348
+	- w3mmee 0.3.p24.17-3
 	NOTE: covered by DSA-249
 CVE-2002-1337
+	- sendmail 8.13.0.PreAlpha4-0
+	NOTE: sendmail-wide not in testing/unstable
 	NOTE: covered by DSA-257
 CVE-2002-1336
-	TODO: check
+	- tightvnc 1.2.6-1
 CVE-2002-1327
-	TODO: check
+	NOTE: not-for-us (windows)
 CVE-2002-1325
-	TODO: check
+	NOTE: not-for-us (windows)
 CVE-2002-1323
+	- perl 5.8.0-14
 	NOTE: covered by DSA-208
 CVE-2002-1320
-	TODO: check
+	NOTE: not-for-us (pine not in Debian)
 CVE-2002-1319
-	TODO: check
+	NOTE: fixed after 2.4.20 kernel (2.6 not vulnerable)
 CVE-2002-1318
+	- samba samba 2.99.cvs.20020713-1
 	NOTE: covered by DSA-200
 CVE-2002-1317
-	TODO: check
+	NOTE: not-for-us (solaris)
 CVE-2002-1313
+	- nullmailer 1.00RC5-17
 	NOTE: covered by DSA-198
 CVE-2002-1311
+	- courier 0.40.0-1
 	NOTE: covered by DSA-197
 CVE-2002-1308
-	TODO: check
+	- mozilla mozilla 2:1.2-1
+	NOTE: woody is vulnerable see #237422
 CVE-2002-1307
+	- mhonarc 2.5.13-1
 	NOTE: covered by DSA-199
 CVE-2002-1296
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CVE-2002-1284
-	TODO: check
+	- kdeutils 4:3.2.1-1
 CVE-2002-1278
-	TODO: check
+	NOTE: Linuxconf not in testing/unstable
 CVE-2002-1277
+	- wmaker 0.80.1-1
 	NOTE: covered by DSA-190
 CVE-2002-1272
-	TODO: check
+	NOTE: not-for-us (Alcatel)
 CVE-2002-1271
+	- libmailtools-perl 1.51
 	NOTE: covered by DSA-386
 CVE-2002-1270
-	TODO: check
+	NOTE: not-for-us (Mac OS X)
 CVE-2002-1268
-	TODO: check
+	NOTE: not-for-us (Mac OS X)
 CVE-2002-1267
-	TODO: check
+	NOTE: not-for-us (Mac OS X)
 CVE-2002-1266
-	TODO: check
+	NOTE: not-for-us (Mac OS X)
 CVE-2002-1265
+	NOTE: don't know which version of glibc fix this
+	NOTE: I've mailed maintainers.
 	TODO: check
 CVE-2002-1264
-	TODO: check
+	NOTE: not-for-us (oracle)
 CVE-2002-1260
-	TODO: check
+	NOTE: not-for-us (Microsoft JVM)
 CVE-2002-1257
-	TODO: check
+	NOTE: not-for-us (Microsoft JVM)
 CVE-2002-1256
-	TODO: check
+	NOTE: not-for-us (Microsoft Windows)
 CVE-2002-1255
-	TODO: check
+	NOTE: not-for-us (Microsoft Outlook)
 CVE-2002-1253
-	TODO: check
+	NOTE: not-for-us (Abuse 2.00 not in Debian)
 CVE-2002-1252
-	TODO: check
+	NOTE: not-for-us (PeopleSoft)
 CVE-2002-1251
+	- log2mail 0.2.6-1
 	NOTE: covered by DSA-186
 CVE-2002-1250
-	TODO: check
+	NOTE: not-for-us (Abuse 2.00 not in Debian)
 CVE-2002-1248
-	TODO: check
+	NOTE: not-for-us (Xeneo Web Server)
 CVE-2002-1245
+	- luxman 0.41-19
 	NOTE: covered by DSA-189
 CVE-2002-1244
-	TODO: check
+	NOTE: not-for-us (Pablo FTP Server)
 CVE-2002-1242
-	TODO: check
+	NOTE: not-for-us (PHP-Nuke not in Debian)
 CVE-2002-1239
-	TODO: check
+	NOTE: not-for-us (QNX)
 CVE-2002-1236
-	TODO: check
+	NOTE: not-for-us (Linksys)
 CVE-2002-1232
+	- nis 3.9-6.2
 	NOTE: covered by DSA-180
 CVE-2002-1231
-	TODO: check
+	NOTE: not-for-us (SCO)
 CVE-2002-1230
-	TODO: check
+	NOTE: not-for-us (Windows NT)
 CVE-2002-1227
+	- pam 0.76-6
 	NOTE: covered by DSA-177
 CVE-2002-1224
-	TODO: check
+	- kdenetwork 4:3.1.0-1
 CVE-2002-1223
-	TODO: check
+	- kdegraphics 4:3.1.0-1
 CVE-2002-1222
-	TODO: check
+	NOTE: not-for-us (CISCO)
 CVE-2002-1221
+	- bind 8.3.3-3
 	NOTE: covered by DSA-196
 CVE-2002-1220
+	- bind 8.3.3-3
 	NOTE: covered by DSA-196
 CVE-2002-1219
+	- bind 8.3.3-3
 	NOTE: covered by DSA-196
 CVE-2002-1214
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CVE-2002-1211
-	TODO: check
+	NOTE: not-for-us (Prometheus not in Debian)
 CVE-2002-1200
+	- syslog-ng 1.5.21-1
 	NOTE: covered by DSA-175
 CVE-2002-1199
-	TODO: check
+	NOTE: not-for-us (ypxfrd not in Debian)
 CVE-2002-1198
-	TODO: check
+	bugzilla 2.16.1-1
+	NOTE: woody seems to be vulnerable, bug filed 
 CVE-2002-1197
-	TODO: check
+	bugzilla 2.16.1-1
+	NOTE: woody seems to be vulnerable, bug filed 
 CVE-2002-1196
+	- bugzilla 2.16.0-2.1
 	NOTE: covered by DSA-173
 CVE-2002-1195
+	- php3 3.0.18-23.2
+	- php4 4.2.3-3
 	NOTE: covered by DSA-169
 CVE-2002-1193
+	NOTE: tkmail not in testing/unstable
 	NOTE: covered by DSA-172
 CVE-2002-1189
-	TODO: check
-
-end claimed by djoume
-
+	NOTE: not-for-us (CISCO)
 CVE-2002-1188
 	NOTE: not-for-us (Microsoft)
 CVE-2002-1187
@@ -1067,45 +1088,45 @@
 CVE-2002-0801
 	NOTE: not-for-us (Macromedia / Windows)
 CVE-2002-0795
-	TODO: check
+	NOTE: not-for-us (FreeBSD)
 CVE-2002-0794
-	TODO: check
+	NOTE: not-for-us (FreeBSD)
 CVE-2002-0790
-	TODO: check
+	NOTE: not-for-us (AIX)
 CVE-2002-0789
-	TODO: check
+	- mnogosearch 3.1.19-3
 CVE-2002-0788
-	TODO: check
+	NOTE: not-for-us (windows)
 CVE-2002-0785
-	TODO: check
+	NOTE: not-for-us (AOL AIM)
 CVE-2002-0778
-	TODO: check
+	NOTE: not-for-us (CISCO)
 CVE-2002-0777
-	TODO: check
+	NOTE: not-for-us (Ipswitch not in Debian)
 CVE-2002-0776
-	TODO: check
+	NOTE: not-for-us (Hosting Controller 2002)
 CVE-2002-0768
-	TODO: check
+	- lukemftp 1.5-7
 CVE-2002-0766
-	TODO: check
+	NOTE: not-for-us (OpenBSD)
 CVE-2002-0765
-	TODO: check
+	- openssh 1:3.3p1-0.0woody1
 CVE-2002-0762
-	TODO: check
+	NOTE: not-for-us (SUSE specific)
 CVE-2002-0761
-	TODO: check
+	NOTE: not-for-us (FreeBSD and OpenLinux)
 CVE-2002-0760
-	TODO: check
+	NOTE: not-for-us (FreeBSD and OpenLinux)
 CVE-2002-0759
-	TODO: check
+	NOTE: not-for-us (FreeBSD and OpenLinux)
 CVE-2002-0758
-	TODO: check
+	NOTE: not-for-us (SUSE specific)
 CVE-2002-0755
-	TODO: check
+	NOTE: not-for-us (FreeBSD)
 CVE-2002-0754
-	TODO: check
+	NOTE: not-for-us (FreeBSD)
 CVE-2002-0748
-	TODO: check
+	NOTE: not-for-us (Labview)
 
 begin claimed by joeyh