[Secure-testing-commits] r303 - in sarge-checks: CAN DSA

Joey Hess joeyh@costa.debian.org
Fri, 21 Jan 2005 04:29:45 +0100


Author: joeyh
Date: 2005-01-21 04:29:42 +0100 (Fri, 21 Jan 2005)
New Revision: 303

Modified:
   sarge-checks/CAN/list
   sarge-checks/DSA/list
Log:
updates


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/CAN/list	2005-01-21 03:29:42 UTC (rev 303)
@@ -16,7 +16,7 @@
 CAN-2005-0117 (Buffer overflow in XShisen before 1.36 allows local users to execute ...)
 	- xshisen 1.51-1-1.1
 CAN-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote attackers to ...)
-	- awstats (unfixed; bug #291064)
+	- awstats 6.2-1.1
 CAN-2005-0115
 	NOTE: reserved
 CAN-2005-0114
@@ -95,9 +95,8 @@
 	- jabber 1.4.3-3
 	NOTE: not-for-us (jadc2s)
 CAN-2004-1377 (The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) ...)
-	- a2ps (unfixed; bug #286387)
-	- a2ps (unfixed; bug #286385)
-	NOTE: wrote for clarification of how it's exploitable
+	- a2ps 1:4.13b-4.3
+	- a2ps 1:4.13b-4.3
 CAN-2003-1054 (mod_access_referer 1.0.2 allows remote attackers to cause a denial of ...)
 	TODO: check
 CAN-2003-1053 (Multiple buffer overflows in XShisen allow attackers to execute ...)

Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list	2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/DSA/list	2005-01-21 03:29:42 UTC (rev 303)
@@ -4,7 +4,7 @@
 	NOTE: not fixed in testing at time of DSA
 [20 Jan 2005] DSA-650-1 sword - missing input sanitising
 	{CAN-2005-0015}
-	- sword (unfixed; bug #291433)
+	- sword 1.5.7-7
 	NOTE: not fixed in testing at time of DSA
 [20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
 	{CAN-2005-0079}