[Secure-testing-commits] r1223 - data/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 11 Jun 2005 01:33:42 +0000
Author: joeyh
Date: 2005-06-11 01:33:38 +0000 (Sat, 11 Jun 2005)
New Revision: 1223
Modified:
data/CAN/list
Log:
various fixed holes
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-06-11 01:17:57 UTC (rev 1222)
+++ data/CAN/list 2005-06-11 01:33:38 UTC (rev 1223)
@@ -372,7 +372,7 @@
CAN-2005-1756
NOTE: reserved
CAN-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
- - shtool (unfixed; bug #311206)
+ - shtool 2.0.1-2
CAN-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems ...)
NOTE: This looks like a minor issue, the paper is from Feb 2004, check whether this still applies
TODO: check, whether this still applies
@@ -904,7 +904,7 @@
CAN-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines]
- clamav 0.85.1-1
CAN-2005-XXXX [libxpm4: new s_popen() function is insecure garbage]
- - libxpm4 (unfixed; bug #308783)
+ - libxpm4 4.3.0.dfsg.1-14
CAN-2005-1589 [Local privilege escalation in the Linux kernel's pktcdvd ioctl]
NOTE: According to Horms from kernel team 2.6.8 not affected
- kernel-source-2.6.11 2.6.11-5
@@ -7613,7 +7613,7 @@
NOTE: but lesstif2 did get fixed for this hole..
- lesstif2 1_0.93.94-11.2
NOTE: openmotif is non-free
- - openmotif (unfixed; bug #308819)
+ - openmotif 2.2.3-1.1
CAN-2004-0913 (Unknown vulnerability in ecartis 0.x before ...)
{DSA-572-1}
- squid 2.5.6-9