[Secure-testing-commits] r1373 - data/CAN

Micah Anderson micah@costa.debian.org
Tue, 12 Jul 2005 12:29:54 +0000 

Author: micah
Date: 2005-07-12 12:29:51 +0000 (Tue, 12 Jul 2005)
New Revision: 1373

Modified:
   data/CAN/list
Log:
Check in some checked CANs at debconf, during joeyh's sexy talk


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-07-12 10:35:00 UTC (rev 1372)
+++ data/CAN/list	2005-07-12 12:29:51 UTC (rev 1373)
@@ -688,15 +688,15 @@
 CAN-2002-1803 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote ...)
 	TODO: check
 end claimed by djoume
-begin claimed by micah
 CAN-2002-1802 (Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows ...)
-	TODO: check
+	NOTE: not-in-debian (track ITP#207640)
 CAN-2002-1801 (ImageFolio 2.23 through 2.27 allows remote attackers to obtain ...)
-	TODO: check
+	NOTE: not-in-debian (ImageFolio)
 CAN-2002-1800 (phpRank 1.8 stores the administrative password in plaintext on the ...)
-	TODO: check
+	NOTE: not-in-debian (phpRank)
 CAN-2002-1799 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
-	TODO: check
+	NOTE: not-in-debian (phpRank)
+begin claimed by micah
 CAN-2002-1798 (MidiCart PHP 1 allows remote attackers to (1) upload arbitrary php ...)
 	TODO: check
 CAN-2002-1797 (ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and ...)
@@ -714,7 +714,7 @@
 CAN-2002-1791 (SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with ...)
 	TODO: check
 CAN-2002-1790 (The SMTP service in Microsoft Internet Information Services (IIS) 4.0 ...)
-	TODO: check
+	NOTE: not-in-debian (microsoft)
 CAN-2002-1789 (Format string vulnerability in newsx NNTP client before 1.4.8 allows ...)
 	TODO: check
 CAN-2002-1788 (Format string vulnerability in the nn_exitmsg function in nn 6.6.0 ...)
@@ -730,7 +730,7 @@
 CAN-2002-1783 (CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when ...)
 	TODO: check
 CAN-2000-1227 (Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause ...)
-	TODO: check
+	NOTE: not-in-debian (microsoft)
 end claimed by micah
 CAN-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote ...)
 	NOTE: not-for-us (JAF CMS)