[Secure-testing-commits] r1240 - data/CAN
Micah Anderson
micah@costa.debian.org
Sun, 19 Jun 2005 01:05:34 +0000
Author: micah
Date: 2005-06-19 01:05:32 +0000 (Sun, 19 Jun 2005)
New Revision: 1240
Modified:
data/CAN/list
Log:
Consolodated MediaWiki items into one TODO, and resolved sysreport
not-for-us
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-06-17 14:46:34 UTC (rev 1239)
+++ data/CAN/list 2005-06-19 01:05:32 UTC (rev 1240)
@@ -180,7 +180,7 @@
NOTE: not-for-us (Sun ONE)
CAN-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
- TODO: track ITP: #217571
+ TODO: track ITP: #217571, check CAN-2005-1245, CAN-2005-0536, CAN-2005-0535, CAN-2005-0534, CAN-2004-1405
CAN-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and ...)
NOTE: not-for-us (Solaris)
CAN-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, ...)
@@ -450,7 +450,7 @@
CAN-2005-1761
NOTE: reserved
CAN-2005-1760 (sysreport 1.3.15 and earlier includes contents of the up2date file in ...)
- TODO: check
+ NOTE: not-for-us (sysreport)
CAN-2005-1759
NOTE: reserved
CAN-2005-1758 (Buffer overflow in the IMAP command continuation function in Novell ...)
@@ -2518,8 +2518,7 @@
- quake2 1:0.3-1.1
- quake2 (unfixed; bug #280573)
CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
- NOTE: not-for-us (MediaWiki not yet in Debian)
- TODO: track ITP: #217571
+ NOTE: not-for-us (MediaWiki not yet in Debian), see CAN-2005-1888
CAN-2005-1244 (Directory traversal vulnerability in the third party tool from NetIQ, ...)
NOTE: not-for-us (AS/400 FTP server addon)
CAN-2005-1243 (Directory traversal vulnerability in the third party tool from ...)
@@ -4624,14 +4623,11 @@
CAN-2005-0537 (Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) ...)
NOTE: not-for-us (iGeneric (iG) Shop)
CAN-2005-0536 (Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and ...)
- NOTE: not-for-us (MediaWiki not yet in Debian)
- TODO: track ITP: #217571
+ NOTE: not-for-us (MediaWiki not yet in Debian), see CAN-2005-1888
CAN-2005-0535 (Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x ...)
- NOTE: not-for-us (MediaWiki not yet in Debian)
- TODO: track ITP: #217571
+ NOTE: not-for-us (MediaWiki not yet in Debian), see CAN-2005-1888
CAN-2005-0534 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x ...)
- NOTE: not-for-us: (MediaWiki not yet in Debian)
- TODO: track ITP: #217571
+ NOTE: not-for-us: (MediaWiki not yet in Debian), see CAN-2005-1888
CAN-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI ...)
NOTE: not-for-us (Trend Micro AntiVirus)
CAN-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
@@ -5670,7 +5666,7 @@
CAN-2004-1406 (SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 ...)
NOTE: not-for-us (Ikonboard)
CAN-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not ...)
- NOTE: not-for-us (MediaWiki)
+ NOTE: not-for-us (MediaWiki), see CAN-2005-1888
CAN-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache ...)
NOTE: not-for-us (Attachment Mod for phpBB)
CAN-2004-1403 (PHP remote code injection vulnerability in index.php in GNUBoard 3.39 ...)