[Secure-testing-commits] r312 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 22 Jan 2005 05:40:44 +0100
Author: joeyh
Date: 2005-01-22 05:40:42 +0100 (Sat, 22 Jan 2005)
New Revision: 312
Modified:
sarge-checks/CAN/list
Log:
ignore openssh bug
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-22 04:38:11 UTC (rev 311)
+++ sarge-checks/CAN/list 2005-01-22 04:40:42 UTC (rev 312)
@@ -2873,11 +2873,11 @@
CAN-2004-0176 (Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote ...)
- ethereal 0.10.3-1
CAN-2004-0175 (Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ...)
- NOTE: very low
- - openssh (unfixed; bug #270770)
+ NOTE: openssh bug #270770
NOTE: this bug is old and known; see the bug discussion for further information.
NOTE: apparently the security team thinks this is a minor issue; nevertheless,
NOTE: the bug is still open, so they should close it if it really is neglectible.
+ NOTE: not listed in usual format since I'm tired of looking at it in the report -- JEH
CAN-2004-0174 (Apache before 2.0.49, when using multiple listening sockets on certain ...)
- apache 1.3.29.0.2-5
CAN-2004-0172 (Heap-based buffer overflow in the search_for_command function of ...)