[Secure-testing-commits] r1699 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Aug 28 18:35:39 UTC 2005
Author: jmm-guest
Date: 2005-08-28 18:35:35 +0000 (Sun, 28 Aug 2005)
New Revision: 1699
Modified:
data/CAN/list
Log:
gallery fixed, fixes another gallery vuln as well
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-28 17:41:34 UTC (rev 1698)
+++ data/CAN/list 2005-08-28 18:35:35 UTC (rev 1699)
@@ -1,7 +1,7 @@
CAN-2005-XXXX [Insecure tempfile usage in tleds]
- tleds 1.05beta10-9 (bug# 276789; low)
CAN-2005-XXXX [XSS in gallery's EXIF handling]
- - gallery (unfixed; bug #325285; medium)
+ - gallery 1.5-2 (bug #325285; medium)
- gallery2 (unfixed; bug #325285; medium)
CAN-2005-2693 [cvs: cvsbug temporary file bug]
NOTE: not shipped in binary package
@@ -413,7 +413,7 @@
CAN-2005-2597 (AOL Client Software 9.0 uses insecure permissions for its installation ...)
NOTE: not-for-us (AOL Client)
CAN-2005-2596 (User.php in Gallery, as used in Postnuke, allows users with any Admin ...)
- NOTE: not-for-us (Gallery, as used in Postnuke)
+ - gallery 1.5-2 (medium)
CAN-2005-2595 (Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 ...)
NOTE: not-for-us (Dada Mail)
CAN-2005-2594 (Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list