[Secure-testing-commits] r268 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Wed, 12 Jan 2005 20:17:41 +0100 

Author: joeyh
Date: 2005-01-12 20:17:38 +0100 (Wed, 12 Jan 2005)
New Revision: 268

Modified:
   sarge-checks/CAN/list
Log:
more kernel


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-01-12 18:17:37 UTC (rev 267)
+++ sarge-checks/CAN/list	2005-01-12 19:17:38 UTC (rev 268)
@@ -76,10 +76,12 @@
 	- tetex-bin 2.0.2-25
 CAN-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...)
 	- kernel-source-2.6.8 2.6.8-11
+	TODO: what about 2.4? Vulnerable according to advisory.
 CAN-2004-1334 (Integer overflow in the ip_options_get function in the Linux kernel ...)
 	TODO: re-check with kernel team (was unfixed before)
 CAN-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel 2.4 and ...)
 	- kernel-source-2.6.8 2.6.8-11
+	TODO: what about 2.4?
 CAN-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with ...)
 	NOTE: not-for-us (hpux)
 CAN-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows ...)
@@ -289,7 +291,7 @@
 	- kernel-source-2.4.27 2.4.27-8
 	NOTE: and binary packages built from them
 CAN-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to cause a ...)
-	TODO: check with kernel team
+	NOTE: fixed after 2.4.25
 CAN-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a ...)
 	NOTE: not-for-us (Gadu-Gadu)
 CAN-2004-1232 (Stack-based buffer overflow in the code that sends images in Gadu-Gadu ...)
@@ -379,6 +381,7 @@
 	NOTE: not-for-us (Citadel/UX)
 CAN-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...)
 	TODO: check with kernel team
+	NOTE: looks like 2.4 is ok, 2.6.8 is vulnerable
 CAN-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...)
 	TODO: check with kernel team
 CAN-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv for MIT ...)
@@ -470,7 +473,7 @@
 CAN-2004-1152 (Buffer overflow in the mailListIsPd function in Adobe Acrobat Reader ...)
 	NOTE: not-for-us (Adobe Acrobat Reader)
 CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
-	NOTE: fixed in kernel team svn
+	NOTE: fixed in kernel team svn (?)
 	TODO: track fix
 CAN-2004-1150
 	NOTE: reserved
@@ -485,6 +488,7 @@
 CAN-2004-1145 (Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) ...)
 	- kdelibs (unfixed; bug #286521)
 CAN-2004-1144 (Unknown vulnerability in the 32bit emulation code in Linux 2.4 on ...)
+	NOTE: amd64 specific
 	TODO: check with kernel team
 CAN-2004-1143
 	NOTE: reserved
@@ -942,6 +946,7 @@
 CAN-2004-0950 (NetOp Host before 7.65 build 2004278 allows remote attackers to obtain ...)
 	NOTE: not-for-us (NetOp Host)
 CAN-2004-0949 (The smb_recv_trans2 function call in the samba filesystem (smbfs) in ...)
+	NOTE: fixed in 2.4.28, 2.6.9
 	NOTE: check with kernel people
 CAN-2004-0948
 	NOTE: reserved