[Secure-testing-commits] r1522 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Aug 4 12:38:02 UTC 2005
Author: jmm-guest
Date: 2005-08-04 12:37:59 +0000 (Thu, 04 Aug 2005)
New Revision: 1522
Modified:
data/CAN/list
Log:
texmacs/zlib fixes in experimental
obscure mod-ssl issue w/o more information
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-03 23:00:17 UTC (rev 1521)
+++ data/CAN/list 2005-08-04 12:37:59 UTC (rev 1522)
@@ -1338,8 +1338,8 @@
- lsb-rpm (unfixed; bug #318099; medium)
- rageircd 2.0.0-3sid1 (medium)
- systemimager-ssh (unfixed; bug #318101; medium)
- - texmacs 1.0.5-3 (bug #318100; medium)
- NOTE: texmacs does only link statically on alpha
+ - texmacs (unfixed; bug #318100; medium)
+ NOTE: fixed in experimental in 1:1.0.5.6-1, not yet in sid
CAN-2005-2095 (SquirrelMail 1.4.4 and earlier does not properly handle the $_POST ...)
{DSA-756-1}
- squirrelmail (unfixed; #317094; medium)
@@ -4876,8 +4876,11 @@
CAN-2005-1269 (Gaim before 1.3.1 allows remote attackers to cause a denial of service ...)
{DSA-734-1}
- gaim 1:1.3.1-1 (low)
-CAN-2005-1268
+CAN-2005-1268 [Off-by-one overflow in mod_ssl's CRL verification call back]
NOTE: reserved
+ NOTE: This is from latest Trustix advisory, exploitation would require to trick
+ NOTE: someone into using a maliciously crafted certificate revocation list
+ - libapache-mod-ssl (unfixed; low)
CAN-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly handle ...)
- tcpdump 3.9.0.cvs.20050614-1 (medium)
CAN-2005-1266 (Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list