[Secure-testing-commits] r1668 - data/CAN

Joey Hess joeyh at costa.debian.org
Sat Aug 27 09:14:39 UTC 2005 

Author: joeyh
Date: 2005-08-27 09:14:35 +0000 (Sat, 27 Aug 2005)
New Revision: 1668

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-27 07:20:28 UTC (rev 1667)
+++ data/CAN/list	2005-08-27 09:14:35 UTC (rev 1668)
@@ -1071,11 +1071,12 @@
 CAN-2005-2451 (Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, ...)
 	NOTE: not-for-us (IOS)
 CAN-2005-2450 (Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file ...)
-	{DSA-776-1}
+	{DSA-776-1 DTSA-3-1}
 	- clamav 0.86.2-1 (medium)
 CAN-2005-2449 (Race condition in sandbox before 1.2.11 allows local users to create ...)
 	NOTE: not-for-us (sandbox)
 CAN-2005-2448 (Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow ...)
+	{DTSA-4-1 DTSA-2-1}
 	- ekg 1:1.5+20050718+1.6rc3-1 (low)
 	- centericq 4.20.0-9 (bug #323185; medium)
 CAN-2005-2447
@@ -1275,10 +1276,11 @@
 CAN-2005-2371 (Unknown vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows ...)
 	NOTE: not-for-us (Oracle Reports)
 CAN-2005-2370 (Multiple "memory alignment errors" in libgadu, as used in ekg before ...)
-	{DSA-769-1}
+	{DSA-769-1 DTSA-2-1}
 	- gaim 1:1.4.0-5 (low)
 	- centericq 4.20.0-9 (bug #323185; low)
 CAN-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...)
+	{DTSA-2-1}
 	TODO: check gaim and others that embed libgadu in source tree
 	- centericq 4.20.0-9 (bug #323185; medium)
 CAN-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...)
@@ -2650,7 +2652,7 @@
 CAN-2005-2071 (traceroute in Sun Solaris 10 on x86 systems allows local users to ...)
 	NOTE: not-for-us (Solaris)
 CAN-2005-2070 (The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used ...)
-	{DSA-737-1}
+	{DSA-737-1 DTSA-3-1}
 	- clamav 0.86-1 (medium)
 CAN-2005-2069 (pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a ...)
 	- openldap2.2 2.2.26-3 (medium)
@@ -2682,7 +2684,7 @@
 CAN-2005-2057 (Multiple cross-site scripting (XSS) vulnerabilities in Infopop ...)
 	NOTE: not-for-us (Infopop UBB.Threads)
 CAN-2005-2056 (The Quantum archive decompressor in Clam AntiVirus (ClamAV) before ...)
-	{DSA-737-1}
+	{DSA-737-1 DTSA-3-1}
 	- clamav 0.86.1-1 (medium)
 CAN-2005-2055 (RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne ...)
 	NOTE: not-for-us (RealPlayer)
@@ -3673,10 +3675,10 @@
 CAN-2005-1924
 	NOTE: reserved
 CAN-2005-1923 (The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, ...)
-	{DSA-737-1}
+	{DSA-737-1 DTSA-3-1}
 	- clamav 0.86.1 (bug #316401; medium)
 CAN-2005-1922 (The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 ...)
-	{DSA-737-1}
+	{DSA-737-1 DTSA-3-1}
 	- clamav 0.86.1-1 (low)
 CAN-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka ...)
 	{DSA-746-1 DSA-747-1 DSA-745-1}
@@ -3701,12 +3703,12 @@
 	NOTE: not-for-us (kpopper)
 	NOTE: there is a kpopper in kerberos4kth-servers, but this is not the same one
 CAN-2005-1916 (linki.py in ekg 2005-06-05 and earlier allows local users to overwrite ...)
-	{DSA-760-1}
+	{DSA-760-1 DTSA-4-1}
 	- ekg 1:1.5+20050712+1.6rc2-1 (low)
 CAN-2005-1915
 	NOTE: reserved
 CAN-2005-1914 (CenterICQ 4.20.0 and earlier creates temporary files with predictable ...)
-	{DSA-754-1}
+	{DSA-754-1 DTSA-2-1}
 	- centericq 4.20.0-7 (medium)
 CAN-2005-1913 [Kernel changelog for 2.6.12.1: Clean up subthread exec]
 	NOTE: reserved
@@ -3841,16 +3843,16 @@
 	{DSA-770-1}
 	- gopher 3.0.8 (low)
 CAN-2005-1852 (Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 ...)
-	{DSA-767-1}
+	{DSA-767-1 DTSA-4-1}
 	NOTE: Kopete embeds the vulnerable code, but it's only used as a fallback when
 	NOTE: no shared lib version is found. As the Debian package has a dependency on
 	NOTE: it the maintainer does not intent to fix it, see # 319443
 	- ekg 1:1.5+20050712+1.6rc3-1 (medium)
 CAN-2005-1851 (A certain contributed script for ekg Gadu Gadu client 1.5 and earlier ...)
-	{DSA-760-1}
+	{DSA-760-1 DTSA-4-1}
 	- ekg 1:1.5+20050712+1.6rc2-1 (low)
 CAN-2005-1850 (Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier ...)
-	{DSA-760-1}
+	{DSA-760-1 DTSA-4-1}
 	- ekg 1:1.5+20050712+1.6rc2-1 (low)
 CAN-2005-1849 (inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of ...)
 	{DSA-763-1}

More information about the Secure-testing-commits mailing list