[Secure-testing-commits] r835 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 17 Apr 2005 18:53:25 +0000
Author: jmm-guest
Date: 2005-04-17 18:53:22 +0000 (Sun, 17 Apr 2005)
New Revision: 835
Modified:
sarge-checks/CAN/list
Log:
New vulns in gocr and libsafe.
freeciv has been fixed in experimental.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-17 18:35:23 UTC (rev 834)
+++ sarge-checks/CAN/list 2005-04-17 18:53:22 UTC (rev 835)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [Integer and heap overflow in PNM processing of gocr]
+ - gocr (unfixed; bug pending)
+CAN-2005-XXXX [libsafe security check bypass in multi threaded environments]
+ - libsafe (unfixed; bug pending)
CAN-2005-XXXX [Remote DoS vulnerabilities in postgrey]
- postgrey 1.21-1
CAN-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers ...)
@@ -375,6 +379,7 @@
- kernel-source-2.6.8 2.6.8-16
CAN-2005-XXXX [Several DoS possibilities of clients against the server in Freeciv]
NOTE: The major cases don't affect 1.14, maintainers hope to get 2.0 into Sarge
+ NOTE: fixed-in-experimental
- freeciv (unfixed; bug #302702)
CAN-2005-XXXX [mailscanner: lock/pid file location symlink attack]
- mailscanner 4.40.11-1