[Secure-testing-commits] r416 - in sarge-checks: CAN DSA
Joey Hess
joeyh@costa.debian.org
Wed, 16 Feb 2005 18:38:32 +0100
Author: joeyh
Date: 2005-02-16 18:38:29 +0100 (Wed, 16 Feb 2005)
New Revision: 416
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
updates
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-16 17:16:59 UTC (rev 415)
+++ sarge-checks/CAN/list 2005-02-16 17:38:29 UTC (rev 416)
@@ -1310,6 +1310,7 @@
- dillo 0.8.3-1
CAN-2005-0011
NOTE: reserved
+ - kdeedu (unfixed; bug #295499)
CAN-2005-0010 (Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through ...)
- ethereal 0.10.9-1
CAN-2005-0009 (Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 ...)
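Review bot: The added `- kdeedu (unfixed; bug #295499)` line sits under CAN-2005-0011, whose only other content is `NOTE: reserved`, so the list gives no indication of what the kdeedu issue is or where the link between this reserved id and kdeedu comes from. Add a short NOTE stating the source of the mapping, so the entry can be checked once the CAN description is published.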
@@ -2824,8 +2825,12 @@
{DSA-539}
CAN-2004-0688 (Multiple integer overflows in (1) the xpmParseColors function in ...)
{DSA-561-1 DSA-560-1}
+ NOTE: lesstif2 is fixed, 1 is not, same source package
+ - lesstif1 (unfixed; bug #294099)
CAN-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ...)
{DSA-561-1 DSA-560-1}
+ NOTE: lesstif2 is fixed, 1 is not, same source package
+ - lesstif1 (unfixed; bug #294099)
CAN-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...)
- samba 3.0.5
CAN-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user ...)
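Review bot: The NOTE added under CAN-2004-0688 and CAN-2004-0687 says lesstif2 is fixed, but neither entry gains a line recording a fixed version, so only the unfixed half of that statement is trackable from the list. Consider adding a fixed-version line in the same form as `- samba 3.0.5`, and writing `lesstif1` in the NOTE instead of `1`. The same two lines are added under both ids, so a later status change for bug #294099 has to be made in both places.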
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2005-02-16 17:16:59 UTC (rev 415)
+++ sarge-checks/DSA/list 2005-02-16 17:38:29 UTC (rev 416)
@@ -1,3 +1,7 @@
+[16 Feb 2005] DSA-684-1 typespeed - format string
+ {CAN-2005-0105}
+ - typespeed (unfixed; bug filed)
+ NOTE: not fixed in testing at time of DSA
[15 Feb 2005] DSA-683-1 postgresql - buffer overflows
{CAN-2005-0245 CAN-2005-0247}
- postgresql 7.4.7-2
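Review bot: The added `- typespeed (unfixed; bug filed)` line gives no bug number, unlike the CAN/list additions in this same revision (`bug #295499`, `bug #294099`), so the report cannot be looked up from the list. Replace `bug filed` with the number once it is assigned. The NOTE `not fixed in testing at time of DSA` largely repeats the `unfixed` marker and could be dropped when the entry gets a fixed version.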