[Secure-testing-commits] r476 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 23 Feb 2005 21:56:21 +0100
Author: joeyh
Date: 2005-02-23 21:56:18 +0100 (Wed, 23 Feb 2005)
New Revision: 476
Modified:
sarge-checks/CAN/list
Log:
merge results of accidental duplicate work..
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-23 20:28:19 UTC (rev 475)
+++ sarge-checks/CAN/list 2005-02-23 20:56:18 UTC (rev 476)
@@ -1,16 +1,17 @@
CAN-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
NOTE: not-for-us (fallback-reboot)
CAN-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
+ - mono (unfixed; bug filed)
NOTE: default config of Mono not vulnerable
NOTE: Mono wont be in Sarge according to http://wiki.debian.net/?MonoDebianPlan
CAN-2005-0508 (Unknown vulnerability in Squiggle for Batik before 1.5.1 allows ...)
- NOTE: not-for-us (Squiggle for Batik)
+ - libbatik-java (unfixed; bug #288009)
CAN-2005-0507 (Directory traversal vulnerability in SD Server 4.0.70 and earlier ...)
NOTE: not-for-us (SD Server)
CAN-2005-0506 (The Avaya IP Office Phone Manager, and other products such as the IP ...)
- NOTE: not-for-us (Avaya)
+ NOTE: not-for-us (Avaya IP Office Phone Manager)
CAN-2005-0505 (Unknown vulnerability in Information Resource Manager (IRM) before ...)
- NOTE: not-for-us (IRM)
+ - irm (unfixed; bug filed)
CAN-2005-0504 (Buffer overflow in the MoxaDriverIoctl function for the moxa serial ...)
TODO: check with kernel team
CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)