[Secure-testing-commits] r478 - sarge-checks/CAN

[Joey Hess]

Author: joeyh
Date: 2005-02-24 03:49:17 +0100 (Thu, 24 Feb 2005)
New Revision: 478

Modified:
   sarge-checks/CAN/list
Log:
fill in a few holes, remove one nonexistant CAN


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-02-23 21:39:18 UTC (rev 477)
+++ sarge-checks/CAN/list	2005-02-24 02:49:17 UTC (rev 478)
@@ -411,7 +411,7 @@
 CAN-2005-0468
 	NOTE: reserved
 CAN-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2) ...)
-	TODO: check
+	- putty 0.57-1
 CAN-2005-0466
 	NOTE: reserved
 CAN-2005-0465
@@ -1154,9 +1154,9 @@
 CAN-2005-0260 (Stack-based buffer overflow in the Discovery Service for BrightStor ...)
 	NOTE: not-for-us (ARCserve Backup)
 CAN-2005-0259 (phpBB 2.0.11, and possibly other versions, with remote avatars and ...)
-	TODO: check
+	- phpbb2 2.0.12-1
 CAN-2005-0258 (Directory traversal vulnerability in usercp_register.php for phpBB ...)
-	TODO: check
+	- phpbb2 2.0.12-1
 CAN-2005-0257
 	NOTE: reserved
 CAN-2005-0256
@@ -1349,7 +1349,7 @@
 CAN-2005-0205
 	NOTE: reserved
 CAN-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T ...)
-	TODO: check
+	TODO: check with kernel team
 CAN-2005-0203
 	NOTE: reserved
 CAN-2005-0202 (Directory traversal vulnerability in the true_path function in ...)
@@ -3110,8 +3110,6 @@
 	NOTE: not-for-us (microsoft)
 CAN-2004-0839 (Internet Explorer in Windows XP SP2, and other versions including 5.01 ...)
 	NOTE: not-for-us (microsoft)
-CAN-2004-0838
-	TODO: check
 CAN-2004-0837 (MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to ...)
 	{DSA-562-2}
 CAN-2004-0836 (Buffer overflow in the mysql_real_connect function in MySQL 4.x before ...)