[Secure-testing-commits] r360 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Mon, 07 Feb 2005 01:24:04 +0100
Author: joeyh
Date: 2005-02-07 01:24:01 +0100 (Mon, 07 Feb 2005)
New Revision: 360
Modified:
sarge-checks/CAN/list
Log:
bug updates
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-06 22:49:40 UTC (rev 359)
+++ sarge-checks/CAN/list 2005-02-07 00:24:01 UTC (rev 360)
@@ -105,7 +105,7 @@
CAN-2005-0176
NOTE: reserved
CAN-2004-1392 (PHP 4.0 with cURL functions allows remote attackers to bypass the ...)
- TODO: check (asked vorlon if we've vulnerable)
+ TODO: check
CAN-2004-1391 (Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in ...)
NOTE: not-for-us (PPPoE daemon (PPPoEd) in QNX RTP)
CAN-2004-1390 (Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 ...)
@@ -119,11 +119,11 @@
CAN-2004-1386 (TikiWiki before 1.8.4.1 does not properly verify uploaded images, ...)
NOTE: not-for-us (TikiWiki)
CAN-2004-1385 (phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain ...)
- - phpgroupware (unfixed; bug #293906)
+ - phpgroupware 0.9.16.005-1
CAN-2004-1384 (Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare ...)
- - phpgroupware (unfixed; bug #293906)
+ - phpgroupware 0.9.16.005-1
CAN-2004-1383 (Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and ...)
- - phpgroupware (unfixed; bug #293906)
+ - phpgroupware 0.9.16.005-1
CAN-2004-1382 (The glibcbug script in glibc 2.3.4 and earlier allows local users to ...)
- 2.3.2.ds1-19
CAN-2005-0218 (ClamAV 0.80 and earlier allows remote attackers to bypass virus ...)
@@ -2133,7 +2133,7 @@
NOTE: not-for-us (Lotus)
CAN-2004-0667 (Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows ...)
NOTE: kernel-patch-adamantix contain the RSBAC patch v1.2.2 and is vulnerable.
- - kernel-patch-adamantix (unfixed, buf filed)
+ - kernel-patch-adamantix (unfixed, bug #293940)
CAN-2004-0666 (Off-by-one error in the POP3_readmsg function in popclient 3.0b6 ...)
NOTE: not-for-us (popclient not in Debian)
CAN-2004-0665 (csFAQ.cgi in csFAQ allows remote attackers to gain sensitive ...)