[Secure-testing-commits] r467 - sarge-checks/CAN
SALVETTI Djoumé
djoume-guest@costa.debian.org
Tue, 22 Feb 2005 15:24:01 +0100
Author: djoume-guest
Date: 2005-02-22 15:23:58 +0100 (Tue, 22 Feb 2005)
New Revision: 467
Modified:
sarge-checks/CAN/list
Log:
* xerces bug number
* claimed some CAN
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-22 14:22:27 UTC (rev 466)
+++ sarge-checks/CAN/list 2005-02-22 14:23:58 UTC (rev 467)
@@ -1,3 +1,4 @@
+begin claimed by djoume
CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)
TODO: check
CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...)
@@ -78,6 +79,7 @@
TODO: check
CAN-2004-1678 (Directory traversal vulnerability in pdesk.cgi in PerlDesk allows ...)
TODO: check
+end claimed by djoume
CAN-2004-1677 (pdesk.cgi in PerlDesk allows remote attackers to gain sensitive ...)
TODO: check
CAN-2004-1676 (Heap-based buffer overflow in the image sending feature in Gadu-Gadu ...)
@@ -290,7 +292,7 @@
CAN-2004-1576 (Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and ...)
NOTE: not-for-us (Judge Dredd)
CAN-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...)
- - xerces25 (unfixed; bug filed)
+ - xerces25 (unfixed; bug #296432)
NOTE: xerces24, xerces23, xerces22, xerces21 could also be concerned by this
NOTE: I have noticed it in the bug report agains xerces25 -- Djoume
CAN-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote ...)