[Secure-testing-commits] r494 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 25 Feb 2005 21:31:24 +0100
Author: joeyh
Date: 2005-02-25 21:31:22 +0100 (Fri, 25 Feb 2005)
New Revision: 494
Modified:
sarge-checks/CAN/list
Log:
updates; new wu-ftpd hole
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-25 20:14:17 UTC (rev 493)
+++ sarge-checks/CAN/list 2005-02-25 20:31:22 UTC (rev 494)
@@ -31,7 +31,7 @@
CAN-2005-0524
NOTE: reserved
CAN-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows ...)
- - prozilla (unfixed; bug filed)
+ - prozilla (unfixed; bug #296925)
CAN-2005-0522 (Chat Anywhere 2.72a stores sensitive information such as passwords in ...)
NOTE: not-for-us (Chat Anywhere)
CAN-2005-0521 (SendLink 1.5 stores sensitive information, possibly including ...)
@@ -78,7 +78,7 @@
- kernel-source-2.6.10 2.6.10-2
- kernel-source-2.4.27 2.4.27-8
CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)
- - uim (unfixed; bug #296632)
+ - uim 1:0.4.6beta2-1
CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...)
NOTE: not-for-us (Xinkaa)
CAN-2005-0501 (Buffer overflow in Bontago 1.1 and earlier allows remote attackers ...)
@@ -1224,6 +1224,7 @@
NOTE: reserved
CAN-2005-0256
NOTE: reserved
+ - wuftpd (unfixed; bug #296929)
CAN-2005-0255
NOTE: reserved
CAN-2005-0254 (BibORB 1.3.2, and possibly earlier versions, does not properly enforce ...)