[Secure-testing-commits] r305 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 21 Jan 2005 21:14:17 +0100
Author: joeyh
Date: 2005-01-21 21:14:14 +0100 (Fri, 21 Jan 2005)
New Revision: 305
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-21 18:14:52 UTC (rev 304)
+++ sarge-checks/CAN/list 2005-01-21 20:14:14 UTC (rev 305)
@@ -1,3 +1,19 @@
+CAN-2005-0132
+ NOTE: reserved
+CAN-2005-0131
+ TODO: check
+CAN-2005-0130
+ TODO: check
+CAN-2005-0129
+ TODO: check
+CAN-2005-0128
+ NOTE: reserved
+CAN-2005-0127
+ NOTE: reserved
+CAN-2005-0126
+ NOTE: reserved
+CAN-2005-0125
+ NOTE: reserved
CAN-2005-0124 (The coda_pioctl function in the coda functionality (pioctl.c) for ...)
- kernel-source-2.4.27 2.4.27-8
NOTE: 2.6.8 apparently ok
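Review bot: CAN-2005-0131, CAN-2005-0130 and CAN-2005-0129 are added with "TODO: check" but without a description in parentheses, so the entry gives a reviewer nothing to check against. Consider carrying them as "NOTE: reserved" like the other new ids in this hunk until a description is available, or make sure the next update fills the description in before anyone triages them.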
@@ -23,8 +39,8 @@
NOTE: reserved
CAN-2005-0113 (inpview in SGI IRIX allows local users to execute arbitrary commands ...)
NOTE: not-for-us (IRIX)
-CAN-2005-0112
- NOTE: reserved
+CAN-2005-0112 (The web-based administrative interface for 3Com OfficeConnect Wireless ...)
+ TODO: check
CAN-2005-0111 (Stack-based buffer overflow in the websql CGI program in MySQL MaxDB ...)
- maxdb-7.5.00 7.5.00.18
CAN-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)
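Review bot: the new CAN-2005-0112 description names the web administration interface of a 3Com OfficeConnect Wireless device, yet the entry is left at "TODO: check". If no Debian package ships that interface, close it out in the same form as CAN-2005-0113 just above, i.e. a "NOTE: not-for-us (...)" line, so it does not linger in the TODO set.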
@@ -83,6 +99,7 @@
NOTE: reserved
CAN-2005-0084
NOTE: reserved
+ {DSA-653-1}
CAN-2005-0083
NOTE: reserved
CAN-2005-0082 (The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other ...)
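Review bot: the {DSA-653-1} line added under CAN-2005-0084 sits after "NOTE: reserved", while other entries in this diff place the DSA reference directly under the CAN line and before any NOTE (CAN-2004-1181 and CAN-2004-1027, for example). Move it above the NOTE so the entry layout stays uniform for anything that parses the list.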
@@ -303,8 +320,7 @@
- exim4 4.34-10
CAN-2005-0021 (Multiple buffer overflows in Exim before 4.43 may allow attackers to ...)
{DSA-637-1 DSA-635-1}
-CAN-2005-0020
- NOTE: reserved
+CAN-2005-0020 (Buffer overflow in playmidi before 2.4 allows local users to execute ...)
{DSA-641-1}
CAN-2005-0019
NOTE: reserved
@@ -312,8 +328,7 @@
NOTE: reserved
CAN-2005-0017
NOTE: reserved
-CAN-2005-0016
- NOTE: reserved
+CAN-2005-0016 (Buffer overflow in the exported_display function in xatitv in gatos ...)
{DSA-640-1}
CAN-2005-0015
NOTE: reserved
@@ -685,17 +700,19 @@
- xine-lib 1-rc8-1
CAN-2004-1186
NOTE: reserved
+ {DSA-654-1}
CAN-2004-1185
NOTE: reserved
+ {DSA-654-1}
CAN-2004-1184
NOTE: reserved
+ {DSA-654-1}
CAN-2004-1183 (Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier ...)
{DSA-626-1}
- libtiff-tools 3.6.1-5
CAN-2004-1182 (hfaxd in HylaFAX before 4.2.1, when installed with a "weak" ...)
{DSA-634-1}
-CAN-2004-1181
- NOTE: reserved
+CAN-2004-1181 (htmlheadline before 21.8 allows local users to overwrite arbitrary ...)
{DSA-622-1}
NOTE: htmlheadline not in unstable
CAN-2004-1180
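Review bot: CAN-2004-1186, CAN-2004-1185 and CAN-2004-1184 gain {DSA-654-1} but remain "NOTE: reserved" with no description and no package line, so the list does not say which package the advisory covers or whether testing is affected. Add a NOTE naming the package from the advisory, or a package/version line like the xine-lib and libtiff-tools lines visible in this hunk.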
@@ -707,14 +724,11 @@
CAN-2004-1177 (Cross-site scripting vulnerability in the driver script in mailman ...)
- mailman 2.1.5-5
NOTE: there's also bug #285839, no CAN.
-CAN-2004-1176
- NOTE: reserved
+CAN-2004-1176 (Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and ...)
{DSA-639-1}
-CAN-2004-1175
- NOTE: reserved
+CAN-2004-1175 (fish.c in midnight commander allows remote attackers execute arbitrary ...)
{DSA-639-1}
-CAN-2004-1174
- NOTE: reserved
+CAN-2004-1174 (direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows ...)
{DSA-639-1}
CAN-2004-1173 (Internet Explorer 6 allows remote attackers to bypass the popup ...)
NOTE: not-for-us (MSIE)
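Review bot: the three Midnight Commander entries (CAN-2004-1176, CAN-2004-1175, CAN-2004-1174) now carry descriptions and {DSA-639-1} but no package line recording a fixed version for testing, unlike the mailman entry above with "- mailman 2.1.5-5". Add an mc line with the fixed version, or a "TODO: check", so these entries are not read as resolved on the strength of the DSA alone.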
@@ -891,17 +905,13 @@
- zgv 5.7-1.3
CAN-2004-1094 (Buffer overflow in DUNZIP32.DLL in RealPlayer 10 through RealPlayer ...)
NOTE: not-for-us (RealPlayer)
-CAN-2004-1093
- NOTE: reserved
+CAN-2004-1093 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
-CAN-2004-1092
- NOTE: reserved
+CAN-2004-1092 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
-CAN-2004-1091
- NOTE: reserved
+CAN-2004-1091 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
-CAN-2004-1090
- NOTE: reserved
+CAN-2004-1090 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
CAN-2004-1089
NOTE: reserved
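Review bot: CAN-2004-1093 through CAN-2004-1090 end up with the identical truncated description "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...", so the four entries cannot be told apart from the list. A short NOTE per entry stating which issue it is would let someone verify each fix separately instead of treating {DSA-639-1} as covering all four by assumption.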
@@ -1043,6 +1053,7 @@
CAN-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, ...)
NOTE: not-for-us (AIX)
CAN-2004-1027 (Directory traversal vulnerability in the -x command line option in ...)
+ {DSA-652-1}
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
{DSA-628-1 DSA-618-1}
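Review bot: attaching {DSA-652-1} to CAN-2004-1027 leaves the existing "NOTE: sarge's unarj is from a different code base, probably not vulnerable" unresolved. Now that an advisory exists for this id, the "probably" should be confirmed against the sarge package and replaced with either a package/version line or a definite not-affected note.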
@@ -1092,8 +1103,7 @@
CAN-2004-1010 (Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when ...)
{DSA-624-1}
- zip 2.30-8
-CAN-2004-1009
- NOTE: reserved
+CAN-2004-1009 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
CAN-2004-1008 (Integer signedness error in the ssh2_rdpkt function in PuTTY before ...)
- putty 0.56-1
@@ -1102,11 +1112,9 @@
CAN-2004-1006 (Format string vulnerability in the log functions in dhcpd for dhcp 2.x ...)
{DSA-584-1}
- dhcp 2.0pl5-19.1
-CAN-2004-1005
- NOTE: reserved
+CAN-2004-1005 (Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and ...)
{DSA-639-1}
-CAN-2004-1004
- NOTE: reserved
+CAN-2004-1004 (Multiple format string vulnerabilities in Midnight Commander (mc) ...)
{DSA-639-1}
CAN-2004-1003 (Trend ScanMail allows remote attackers to obtain potentially sensitive ...)
NOTE: not-for-us (Trend ScanMail)
@@ -1253,6 +1261,7 @@
CAN-2004-0948
NOTE: reserved
CAN-2004-0947 (Buffer overflow in unarj before 2.63a-r2 allows remote attackers to ...)
+ {DSA-652-1}
NOTE: see http://lwn.net/Alerts/110733/
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit ...)