[Secure-testing-commits] r1749 - data/CAN

Joey Hess joeyh at costa.debian.org
Wed Aug 31 15:22:42 UTC 2005


Author: joeyh
Date: 2005-08-31 15:22:38 +0000 (Wed, 31 Aug 2005)
New Revision: 1749

Modified:
   data/CAN/list
Log:
new courier hole and python pcre embedding


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-31 14:41:01 UTC (rev 1748)
+++ data/CAN/list	2005-08-31 15:22:38 UTC (rev 1749)
@@ -1,3 +1,5 @@
+CAN-2005-2724 [courier XSS vulnerabiliy]
+	- courier 0.47-8 (medium; bug #325631)
 CAN-2005-XXXX [xattr sharing bug in kernel's ext3 code]
 	- kernel-source-2.4.27 2.4.27-11 (medium)
 	NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
@@ -843,7 +845,9 @@
 	NOTE: reserved
 CAN-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...)
 	- pcre3 6.3-1 (bug #324531; medium)
-	TODO: gnumeric and pythons seems to embed a copy of PCRE, check these
+	TODO: gnumeric seems to embed a copy of PCRE, check
+	- python2.2 2.2.3dfsg-4 (medium)
+	- python2.3 2.3.5-8 (medium)
 CAN-2005-2490
 	NOTE: reserved
 CAN-2004-2302 (Race condition in the sysfs_read_file and sysfs_write_file functions ...)




More information about the Secure-testing-commits mailing list