[Secure-testing-commits] r1207 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Tue, 07 Jun 2005 08:47:41 +0000
Author: jmm-guest
Date: 2005-06-07 08:47:38 +0000 (Tue, 07 Jun 2005)
New Revision: 1207
Modified:
sarge-checks/CAN/list
Log:
fuse CANified, gnome-vfs2 fixed
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-06 12:09:35 UTC (rev 1206)
+++ sarge-checks/CAN/list 2005-06-07 08:47:38 UTC (rev 1207)
@@ -1,3 +1,5 @@
+CAN-2005-1858 [Information leak in fuse due to insufficient clearing of memory]
+ - fuse 2.3.0-1
CAN-2005-XXXX [Directory traversal in zoo]
- zoo (unfixed; bug #306164)
CAN-2005-XXXX [Cross Site Scripting in websieve]
@@ -2,5 +4,2 @@
- websieve (unfixed; bug #311838)
-CAN-2005-XXXX [Information leak in fuse]
- NOTE: Fixed packages have already been prepared, pending upload and/or security team upload
- - fuse 2.3.0-1
CAN-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
@@ -3810,7 +3809,7 @@
NOTE: not-for-us (Ipswitch Collaboration Suite)
CAN-2005-0706 (Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a ...)
NOTE: Sarge version does not install the module with the vulnerable code
- NOTE: gnome-vfs2 is vulnerable in stable (1.9), 2.10 in experimental has been fixed
+ - gnome-vfs2 2.10.1-4
- grip 3.2.0-4
- libcdaudio 0.99.9-2.1
- gnome-vfs 1.0.5-5.1