[Secure-testing-commits] r1250 - data/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Mon, 20 Jun 2005 13:26:34 +0000
Author: jmm-guest
Date: 2005-06-20 13:26:32 +0000 (Mon, 20 Jun 2005)
New Revision: 1250
Modified:
data/CAN/list
Log:
new ruby issue
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-06-20 11:47:04 UTC (rev 1249)
+++ data/CAN/list 2005-06-20 13:26:32 UTC (rev 1250)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Arbitrary command execution in Ruby's XMLRPC code]
+ - ruby1.8 (unfixed; bug #315064; medium)
CAN-2005-XXXX [buffer overflow in heimdal's getterminaltype() function]
TODO: Check telnetd from netkit, krb4, krb5, as they all seem to be derived from the same BSD code base
- heimdal (unfixed; bug #315065; medium)