[Secure-testing-commits] r905 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Mon, 25 Apr 2005 09:25:29 +0000
Author: jmm-guest
Date: 2005-04-25 09:25:23 +0000 (Mon, 25 Apr 2005)
New Revision: 905
Modified:
sarge-checks/CAN/list
Log:
heimdal telnet vuln fixed.
claim a few new ones.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-25 09:14:28 UTC (rev 904)
+++ sarge-checks/CAN/list 2005-04-25 09:25:23 UTC (rev 905)
@@ -1,3 +1,4 @@
+begin claimed by jmm
CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
TODO: check
CAN-2005-1244 (Directory traversal vulnerability in the third party tool from NetIQ, ...)
@@ -82,6 +83,7 @@
NOTE: reserved
CAN-2002-1657 (PostgreSQL uses the username for a salt when generating passwords, ...)
TODO: check
+end claimed by jmm
CAN-2005-XXXX [libpam-ssh: Inproper caching of pwd data with potential security implications]
- libpam-ssh 1.91.0-9
CAN-2005-1204 (Desktop Rover 3.0, and possibly earlier versions, allows remote ...)
@@ -2581,7 +2583,7 @@
{DSA-703-1 DSA-699-1 DSA-697-1}
- krb4 (unfixed; bug #306141)
- krb5 1.3.6-2
- - heimdal (unfixed; bug #305574)
+ - heimdal 0.6.3-10
CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...)
{DSA-703-1}
- krb5 1.3.6-2