[Secure-testing-commits] r1212 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Thu, 09 Jun 2005 09:01:35 +0000
Author: jmm-guest
Date: 2005-06-09 09:01:32 +0000 (Thu, 09 Jun 2005)
New Revision: 1212
Modified:
sarge-checks/CAN/list
Log:
new leafnode dos
gedit fixed
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-08 21:23:29 UTC (rev 1211)
+++ sarge-checks/CAN/list 2005-06-09 09:01:32 UTC (rev 1212)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Minor DoS through malicous NNTP servers in leafnode's fetchnews]
+ - leafnode 1.11.3.rel-1
CAN-2005-1863
NOTE: reserved
CAN-2005-1862
@@ -467,8 +469,8 @@
NOTE: Removed from Sarge due to intransparent handling of security issues by upstream
- wordpress 1.5.1-1
CAN-2005-1686 (Format string vulnerability in gedit 2.10.2 may allow attackers to ...)
- TODO: Affects experimental, check whether 2.8 from Sarge/sid is affected as well
- - gedit (unfixed)
+ NOTE: Only exploitable under rare circumstances
+ - gedit 2.10.3-1
CAN-2005-1685 (episodex guestbook allows remote attackers to bypass authentication ...)
NOTE: not-for-us (episodex)
CAN-2005-1684 (Cross-site scripting (XSS) vulnerability in default.asp for episodex ...)