[Secure-testing-commits] r1610 - in data: CAN DSA
Joey Hess
joeyh at costa.debian.org
Fri Aug 19 15:22:11 UTC 2005
Author: joeyh
Date: 2005-08-19 15:22:06 +0000 (Fri, 19 Aug 2005)
New Revision: 1610
Modified:
data/CAN/list
data/DSA/list
Log:
mantis DSA
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-19 10:12:17 UTC (rev 1609)
+++ data/CAN/list 2005-08-19 15:22:06 UTC (rev 1610)
@@ -238,8 +238,10 @@
TODO: check
CAN-2005-2557
NOTE: reserved
+ - mantis 0.19.2-4 (low)
CAN-2005-2556
NOTE: reserved
+ - mantis 0.19.2-4 (medium)
CAN-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...)
TODO: check
CAN-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2005-08-19 10:12:17 UTC (rev 1609)
+++ data/DSA/list 2005-08-19 15:22:06 UTC (rev 1610)
@@ -1,3 +1,7 @@
+[19 Aug 2005] DSA-778-1 mantis - missing input sanitising
+ {CAN-2005-2556 CAN-2005-2557}
+ - mantis 0.19.2-4 (medium)
+ NOTE: not fixed in testing at time of DSA (nor unstable)
[17 Aug 2005] DSA-777-1 mozilla - frame injection spoofing
{CAN-2004-0718 CAN-2005-1937}
- mozilla-browser 1.7.10-1 (medium)
More information about the Secure-testing-commits
mailing list