[Secure-testing-commits] r722 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 02 Apr 2005 03:59:50 +0000
Author: joeyh
Date: 2005-04-02 03:59:47 +0000 (Sat, 02 Apr 2005)
New Revision: 722
Modified:
sarge-checks/CAN/list
Log:
update with info from USN-103-1
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-01 21:14:26 UTC (rev 721)
+++ sarge-checks/CAN/list 2005-04-02 03:59:47 UTC (rev 722)
@@ -538,6 +538,10 @@
NOTE: Fixed in 2.4.30rc2, so 2.4 is affected as well
CAN-2005-0749
NOTE: reserved
+ NOTE: according to ubuntu, this is a DOS:
+ NOTE: "A specially crafted ELF library or executable could cause an
+ NOTE: attempt to free an invalid pointer, which lead to a kernel crash."
+ TOOD: see USN-103-1 for info on this kernel hole; get patch from ubuntu
CAN-2003-1131 (PHP remote code injection vulnerability in index.php in ...)
NOTE: not-for-us (ActiveCampaign KnowledgeBuilder)
CAN-2002-1601 (The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe ...)