[Secure-testing-commits] r282 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Tue, 18 Jan 2005 21:57:48 +0100 

Author: joeyh
Date: 2005-01-18 21:57:46 +0100 (Tue, 18 Jan 2005)
New Revision: 282

Modified:
   sarge-checks/CAN/list
Log:
new CANs


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-01-18 20:14:23 UTC (rev 281)
+++ sarge-checks/CAN/list	2005-01-18 20:57:46 UTC (rev 282)
@@ -1,5 +1,5 @@
 CAN-2005-0080
-	TODO: check
+	- mailman 2.1.5-5
 CAN-2005-0079
 	NOTE: reserved
 CAN-2005-0078
@@ -23,13 +23,13 @@
 CAN-2005-0069
 	NOTE: reserved
 CAN-2005-0068
-	TODO: check
+	NOTE: general icmp design error
 CAN-2005-0067
-	TODO: check
+	NOTE: general tcp design error, no indication it affects linux
 CAN-2005-0066
-	TODO: check
+	NOTE: general tcp design error
 CAN-2005-0065
-	TODO: check
+	NOTE: general tcp design error
 CAN-2005-0064
 	NOTE: reserved
 CAN-2005-0063
@@ -73,7 +73,7 @@
 CAN-2005-0044
 	NOTE: reserved
 CAN-2005-0043
-	TODO: check
+	NOTE: not-for-us (iTunes)
 CAN-2005-0042
 	NOTE: reserved
 CAN-2005-0041
@@ -95,69 +95,69 @@
 CAN-2005-0033
 	NOTE: reserved
 CAN-2004-1376
-	TODO: check
+	NOTE: not-for-us (MSIE)
 CAN-2004-1375
-	TODO: check
+	NOTE: not-for-us (HP-UX)
 CAN-2004-1374
-	TODO: check
+	NOTE: not-for-us (NetBSD)
 CAN-2004-1373
-	TODO: check
+	NOTE: not-for-us (Shoutcast)
 CAN-2004-1372
-	TODO: check
+	NOTE: not-for-us (IBM DB2)
 CAN-2004-1371
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1370
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1369
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1368
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1367
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1366
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1365
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1364
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1363
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1362
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1361
-	TODO: check
+	NOTE: not-for-us (Windows)
 CAN-2004-1360
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1359
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1358
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1357
-	TODO: check
+	NOTE: not-for-us (ssh on Solaris)
 CAN-2004-1356
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1355
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1354
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1353
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1352
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1351
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1350
-	TODO: check
+	NOTE: not-for-us (Sun Java System Web Proxy Server )
 CAN-2004-1349
-	TODO: check
+	NOTE: not-for-us (gzip on Solaris)
 CAN-2004-1348
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1347
-	TODO: check
+	NOTE: not-for-us (xdm on Solaris)
 CAN-2004-1346
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-1345
-	TODO: check
+	NOTE: not-for-us (Sun StorEdge Enterprise Storage Manager)
 CAN-2004-1344
 	NOTE: reserved
 CAN-2004-1343
@@ -231,7 +231,7 @@
 CAN-2005-0003
 	NOTE: reserved
 CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
-	TODO: check
+	NOTE: not-for-us (poppassd_pam)
 CAN-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...)
 	NOTE: bug in i386 SMP page fault handler, local root (bugtraq)
 	TODO: check with kernel team
@@ -309,7 +309,7 @@
 CAN-2004-1307
 	NOTE: reserved
 CAN-2004-1306 (Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 ...)
-	TODO: check
+	NOTE: not-for-us (Windows)
 CAN-2004-1305 (The Windows Animated Cursor (ANI) in Windows NT, Windows 2000 through ...)
 	NOTE: not-for-us (Microsoft)
 CAN-2004-1304 (Stack-based buffer overflow in the ELF header parsing code in file ...)
@@ -703,6 +703,7 @@
 	- cupsys 1.1.22-2
 	- tetex-bin 2.0.2-25
 	- gpdf (unfixed; bug #290731)
+	- koffice 1:1.3.5-1
 CAN-2004-1124
 	NOTE: reserved
 CAN-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions, allows ...)
@@ -875,7 +876,7 @@
 CAN-2004-1050 (Heap-based buffer overflow in Internet Explorer 6 allows remote ...)
 	NOTE: not-for-us (Microsoft)
 CAN-2004-1049 (Integer overflow in the LoadImage API of the USER32 Lib for Microsoft ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2004-1048
 	NOTE: reserved
 CAN-2004-1047
@@ -895,7 +896,7 @@
 CAN-2004-1040
 	NOTE: reserved
 CAN-2004-1039 (The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, ...)
-	TODO: check
+	NOTE: not-for-us (SCO UnixWare)
 CAN-2004-1038 (A design error in the IEEE1394 specification allows attackers with ...)
 	NOTE: not-for-us (IEEE1394 specification bug, physical security)
 CAN-2004-1037 (The search function in TWiki 20030201 allows remote attackers to ...)
@@ -1016,7 +1017,7 @@
 CAN-2004-0992 (Format string vulnerability in the -a option (daemon mode) in ...)
 	NOTE: not-for-us (Proxytunnel)
 CAN-2004-0991 (Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to ...)
-	TODO: check
+	- mpg123 0.59r-19
 CAN-2004-0990 (Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and ...)
 	{DSA-602-1 DSA-601-1 DSA-591-1 DSA-589-1}
 	- libgd2 2.0.30-1
@@ -1255,7 +1256,7 @@
 CAN-2004-0898
 	NOTE: reserved
 CAN-2004-0897 (The Indexing Service for Microsoft Windows XP and Server 2003 does not ...)
-	TODO: check
+	NOTE: not-for-us (Windows)
 CAN-2004-0896
 	NOTE: reserved
 CAN-2004-0895
@@ -1809,7 +1810,7 @@
 CAN-2004-0639 (Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail ...)
 	{DSA-535}
 CAN-2004-0638 (Buffer overflow in the KSDWRTB function in the dbms_system package ...)
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-0637
 	NOTE: reserved
 CAN-2004-0636 (Buffer overflow in the goaway function in the aim:goaway URI handler ...)