[Secure-testing-commits] r1518 - data/CAN

Wed Aug 3 08:00:47 UTC 2005

Author: joeyh
Date: 2005-08-03 08:00:44 +0000 (Wed, 03 Aug 2005)
New Revision: 1518

Modified:
   data/CAN/list
Log:
updates


Modified: data/CAN/list
===================================================================

--- data/CAN/list	2005-08-03 06:39:34 UTC (rev 1517)
+++ data/CAN/list	2005-08-03 08:00:44 UTC (rev 1518)
@@ -403,7 +403,7 @@
 CAN-2005-XXXX [Multiple security problems in ethereal]
 	- ethereal 0.10.12-1 (medium)
 CAN-2005-XXXX [strobe reads file from unsafe directory]
-	- netdiag (unfixed; bug #206905; low)
+	- netdiag 0.7-7.1 (bug #206905; low)
 CAN-2005-XXXX [Integer overflow in ffmpeg's MPEG encoding]
 	- ffmpeg (unfixed; bug #320150; medium)
 CAN-2005-XXXX [Multiple integer overflows in clamav]
@@ -421,7 +421,7 @@
 	- tdiary 2.0.2-1 (medium)
 CAN-2005-2335 (Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...)
 	NOTE: previous fix broken
-	- fetchmail (unfixed; bug #320357; medium)
+	- fetchmail 6.2.5-18 (bug #320357; medium)
 CAN-2005-2320 (WebCalendar before 1.0.0 does not properly restrict access to ...)
 	{DSA-766-1}
 	- webcalender (unfixed; bug #315671; medium)
@@ -909,7 +909,7 @@
 	{DSA-761-1}
 	- heartbeat 1.2.3-12 (medium)
 CAN-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the ...)
-	- elmo (unfixed; bug #318291; medium)
+	- elmo 1.3.0-1.1 (bug #318291; medium)
 CAN-2005-2229 (Blog Torrent 0.92 and earlier stores sensitive files under the web ...)
 	NOTE: not-for-us (Blog Torrent)
 CAN-2005-2228 (Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message ...)
@@ -1328,7 +1328,7 @@
 	- aide (unfixed; bug #317523; medium)
 	- amd64-libs (unfixed; bug #317970; medium)
 	- ia32-libs (unfixed; bug #317971; medium)
-	- dar-static (unfixed; bug #317989; medium)
+	NOTE: dar-static claimed not used on untrusted input by maintainer in #317989
 	- bacula 1.36.3-2 (medium)
 	- sash 3.7-6 (medium)
 	- libphysfs-1.0-0 1.0.0-5 (medium)


