[Secure-testing-commits] r303 - in sarge-checks: CAN DSA
Joey Hess
joeyh@costa.debian.org
Fri, 21 Jan 2005 04:29:45 +0100
Author: joeyh
Date: 2005-01-21 04:29:42 +0100 (Fri, 21 Jan 2005)
New Revision: 303
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
updates
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/CAN/list 2005-01-21 03:29:42 UTC (rev 303)
@@ -16,7 +16,7 @@
CAN-2005-0117 (Buffer overflow in XShisen before 1.36 allows local users to execute ...)
- xshisen 1.51-1-1.1
CAN-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote attackers to ...)
- - awstats (unfixed; bug #291064)
+ - awstats 6.2-1.1
CAN-2005-0115
NOTE: reserved
CAN-2005-0114
@@ -95,9 +95,8 @@
- jabber 1.4.3-3
NOTE: not-for-us (jadc2s)
CAN-2004-1377 (The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) ...)
- - a2ps (unfixed; bug #286387)
- - a2ps (unfixed; bug #286385)
- NOTE: wrote for clarification of how it's exploitable
+ - a2ps 1:4.13b-4.3
+ - a2ps 1:4.13b-4.3
CAN-2003-1054 (mod_access_referer 1.0.2 allows remote attackers to cause a denial of ...)
TODO: check
CAN-2003-1053 (Multiple buffer overflows in XShisen allow attackers to execute ...)
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/DSA/list 2005-01-21 03:29:42 UTC (rev 303)
@@ -4,7 +4,7 @@
NOTE: not fixed in testing at time of DSA
[20 Jan 2005] DSA-650-1 sword - missing input sanitising
{CAN-2005-0015}
- - sword (unfixed; bug #291433)
+ - sword 1.5.7-7
NOTE: not fixed in testing at time of DSA
[20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
{CAN-2005-0079}