[Secure-testing-commits] r426 - in sarge-checks: CAN DSA
Micah Anderson
micah@costa.debian.org
Thu, 17 Feb 2005 18:54:23 +0100
Author: micah
Date: 2005-02-17 18:54:20 +0100 (Thu, 17 Feb 2005)
New Revision: 426
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
Claimed remaining CAN todos, resolved DSA TODO
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-17 16:52:09 UTC (rev 425)
+++ sarge-checks/CAN/list 2005-02-17 17:54:20 UTC (rev 426)
@@ -724,11 +724,13 @@
- mozilla-firefox 1.0+dfsg.1-6
CAN-2005-0231 (Firefox 1.0 does not invoke the Javascript Security Manager when a ...)
- mozilla-firefox 1.0+dfsg.1-6
+begin claimed by micah
CAN-2005-0230 (Firefox 1.0 does not prevent the user from dragging an executable file ...)
NOTE: I don't know if this could work under Linux, anything I drag on the Desktop from firefox is convert to a Link
TODO: check
CAN-2005-0229 (CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file ...)
TODO: check
+end claimed by micah
CAN-2005-0228
NOTE: rejected
NOTE: apparently dup of CAN-2004-1388
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2005-02-17 16:52:09 UTC (rev 425)
+++ sarge-checks/DSA/list 2005-02-17 17:54:20 UTC (rev 426)
@@ -424,7 +424,7 @@
- cupsys 1.1.20final+rc1-10
{CAN-2004-0889}
- xpdf 3.00-10
- TODO: kpdf and kfax not fixed in sarge, bug #278173 has a backported patch for the kpdf hole
+ NOTE: kpdf and kfax are fixed in sarge, bug #278173 and #280373 for reference
- kpdf 4:3.3.1-1
- gpdf 2.8.0-1
- kfax 4:3.3.1-1