[Secure-testing-commits] r1715 - data/CAN

Joey Hess joeyh at costa.debian.org
Mon Aug 29 18:41:53 UTC 2005


Author: joeyh
Date: 2005-08-29 18:41:49 +0000 (Mon, 29 Aug 2005)
New Revision: 1715

Modified:
   data/CAN/list
Log:
maildrop hole


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-29 15:07:42 UTC (rev 1714)
+++ data/CAN/list	2005-08-29 18:41:49 UTC (rev 1715)
@@ -85,6 +85,7 @@
 	NOTE: reserved
 CAN-2005-2655
 	NOTE: reserved
+	- maildrop 1.5.3-2 (medium)
 CAN-2005-2654
 	NOTE: reserved
 CAN-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks]
@@ -596,7 +597,7 @@
 CAN-2004-2344 (Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec ...)
 	NOTE: not-for-us (VocalTec)
 CAN-2004-2343 (** DISPUTED ** ...)
-	TODO: check
+	NOTE: apache disputes this and I agree -- joeyh
 CAN-2004-2342 (ChatterBox 2.0 allows remote attackers to cause a denial of service ...)
 	NOTE: not-for-us (ChatterBox)
 CAN-2004-2341 (PHP file include injection vulnerability in isearch.inc.php for ...)




More information about the Secure-testing-commits mailing list