[Secure-testing-commits] r299 - in sarge-checks: CAN DSA
Joey Hess
joeyh@costa.debian.org
Thu, 20 Jan 2005 19:43:13 +0100
Author: joeyh
Date: 2005-01-20 19:43:10 +0100 (Thu, 20 Jan 2005)
New Revision: 299
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
updates
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-20 08:14:16 UTC (rev 298)
+++ sarge-checks/CAN/list 2005-01-20 18:43:10 UTC (rev 299)
@@ -1,9 +1,10 @@
CAN-2005-0124
- TODO: check
+ TODO: check with kernel team re 2.4
+ NOTE: 2.6.8 apparenlty ok
CAN-2005-0123
NOTE: reserved
CAN-2005-0122
- TODO: check
+ NOTE: not-for-us (MacOS X)
CAN-2005-0121 (Multiple buffer overflows in golddig 2.0 and earlier allow local users ...)
NOTE: not-for-us (golddig)
CAN-2005-0120 (helvis 1.8h2_1 and earlier allows local users to delete arbitrary ...)
@@ -83,9 +84,9 @@
CAN-2005-0083
NOTE: reserved
CAN-2005-0082 (The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other ...)
- TODO: check
+ - maxdb-7.5.00 7.5.00.21-1
CAN-2005-0081 (MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote ...)
- TODO: check
+ - maxdb-7.5.00 7.5.00.21-1
CAN-2004-1379 (Heap-based buffer overflow in the DVD subpicture decoder in xine ...)
- xine-lib 1-rc7-1
CAN-2004-1378 (The expat XML parser code, as used in the open source Jabber (jabberd) ...)
@@ -340,7 +341,8 @@
- mysql-dfsg-4.1 4.1.8a-6
- mysql-dfsg 4.0.23-3
CAN-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit ...)
- TODO: check
+ TODO: check with kernel team
+ NOTE: 2.4 unaffected; 64 bit arches only
CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
NOTE: not-for-us (poppassd_pam)
CAN-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...)
@@ -565,7 +567,7 @@
CAN-2004-1238
NOTE: reserved
CAN-2004-1237 (Unknown vulnerability in the system call filtering code in the audit ...)
- TODO: check
+ NOTE: apparently redhat specific
CAN-2004-1236 (Buffer overflow in the LDAP component for Netscape Directory Server ...)
NOTE: not-for-us (Netscape Directory Server on HP-UX)
CAN-2004-1235 (Race condition in the (1) load_elf_library and (2) binfmt_aout ...)
@@ -1551,7 +1553,7 @@
NOTE: ide-cd SG_IO vulnerability
NOTE: fixed in recent 2.6 and 2.4 kernels
CAN-2004-0812 (Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD ...)
- TODO: check
+ NOTE: only affects kernels before 2.4.23 on amd64
CAN-2004-0811 (Unknown vulnerability in Apache 2.0.51 prevents "the merging of the ...)
- apache2 2.0.52
CAN-2004-0810 (Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to ...)
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2005-01-20 08:14:16 UTC (rev 298)
+++ sarge-checks/DSA/list 2005-01-20 18:43:10 UTC (rev 299)
@@ -1,3 +1,15 @@
+[20 Jan 2005] DSA-651-1 squid - buffer overflow, integer overflow
+ {CAN-2005-0094 CAN-2005-0095}
+ - squid 2.5.7-4
+ NOTE: not fixed in testing at time of DSA
+[20 Jan 2005] DSA-650-1 sword - missing input sanitising
+ {CAN-2005-0015}
+ - sword (unfixed; bug filed)
+ NOTE: not fixed in testing at time of DSA
+[20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
+ {CAN-2005-0079}
+ - xtrlock 2.0-9
+ NOTE: fixed in testing at time of DSA
[19 Jan 2005] DSA-648-1 xpdf - buffer overflow
{CAN-2005-0064}
- xpdf 3.00-12