[Secure-testing-commits] r517 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Thu, 03 Mar 2005 22:04:36 +0100


Author: joeyh
Date: 2005-03-03 22:04:33 +0100 (Thu, 03 Mar 2005)
New Revision: 517

Modified:
   sarge-checks/CAN/list
Log:
processed some and claimed some others


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-03-03 08:14:17 UTC (rev 516)
+++ sarge-checks/CAN/list	2005-03-03 21:04:33 UTC (rev 517)
@@ -1,20 +1,20 @@
 CAN-2005-0940
 	NOTE: rejected
-	TODO: check
 CAN-2005-0625 (reportbug 3.2 includes settings from .reportbugrc in bug reports, ...)
-	TODO: check
+	- reportbug 3.8
 CAN-2005-0624 (reportbug before 2.62 creates the .reportbugrc configuration file with ...)
-	TODO: check
+	- reportbug 3.8
 CAN-2005-0623 (Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions ...)
-	TODO: check
+	NOTE: not-for-us (RaidenHTTPD)
 CAN-2005-0622 (RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows ...)
-	TODO: check
+	NOTE: not-for-us (RaidenHTTPD)
 CAN-2005-0621 (Scrapland 1.0 and earlier allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOTE: not-for-us (Scrapland)
 CAN-2005-0620 (Einstein 1.0 stores credit card information in plaintext in the ...)
-	TODO: check
+	NOTE: not-for-us (Einstein)
 CAN-2005-0619 (Einstein 1.0.1 stores sensitive information such as usernames and ...)
-	TODO: check
+	NOTE: not-for-us (Einstein)
+begin claimed by joeyh
 CAN-2005-0618 (The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R ...)
 	TODO: check
 CAN-2005-0617 (SQL injection vulnerability in dl-search.php in PostNuke 0.750 and ...)
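Review bot: the CAN-2005-0624 entry records "- reportbug 3.8", but its description says the affected versions are "reportbug before 2.62". If this field is meant to hold the first fixed version, 2.62 matches the description better. Otherwise a NOTE line saying why 3.8 was chosen would keep the entry from reading as a copy of the CAN-2005-0625 line above it.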
@@ -164,6 +164,7 @@
 	NOTE: reserved
 CAN-2005-0548
 	NOTE: reserved
+end claimed by joeyh
 begin claimed by djoume
 CAN-2004-1753 (The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, ...)
 	TODO: check
@@ -913,7 +914,7 @@
 CAN-2004-1489 (Opera 7.54 and earlier does not properly limit an applet's access to ...)
 	NOTE: not-for-us (Opera)
 CAN-2005-0455 (Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed ...)
-	TODO: check
+	NOTE: not-for-us (Real)
 CAN-2005-0454 (Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier ...)
 	NOTE: not-for-us (DCP-Portal)
 CAN-2005-0453 (The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not ...)
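Review bot: the new tag on CAN-2005-0455, "NOTE: not-for-us (Real)", is less specific than the neighbouring tags, which name the product (Opera, DCP-Portal). Spelling out the product that the description refers to would make it easier to confirm later that nothing in the archive ships the affected code.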
@@ -1035,6 +1036,7 @@
 	NOTE: reserved
 CAN-2005-0397
 	NOTE: reserved
+	- imagemagick 6:6.0.6.2-2.2
 CAN-2005-0396
 	NOTE: reserved
 CAN-2005-0395
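Review bot: CAN-2005-0397 now carries both "NOTE: reserved" and "- imagemagick 6:6.0.6.2-2.2", with no description and no reference for the link to imagemagick. A NOTE line citing where the association comes from (bug report, advisory or changelog entry) would let others verify the fixed version while the CAN text is still unpublished.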
@@ -1708,7 +1710,7 @@
 CAN-2005-0209
 	NOTE: reserved
 CAN-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote attackers ...)
-	TODO: check
+	- gaim 1:1.1.4
 CAN-2005-0207
 	NOTE: reserved
 CAN-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
@@ -4357,9 +4359,9 @@
 CAN-2004-0430 (Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and ...)
 	NOTE: not-for-us (MacOS)
 CAN-2004-0429 (Unknown vulnerability related to "the handling of large requests" in ...)
-	TODO: check
+	NOTE: not-for-us (RAdmin for Mac OS X)
 CAN-2004-0428 (Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS ...)
-	TODO: check
+	NOTE: not-for-us (Mac OS X))
 CAN-2004-0427 (The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before ...)
 	NOTE: fixed after 2.6.6/2.4.26 kernel
 CAN-2004-0426 (rsync before 2.6.1 does not properly sanitize paths when running a ...)
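Review bot: the added line for CAN-2004-0428 ends with a doubled closing parenthesis, "NOTE: not-for-us (Mac OS X))"; drop the extra ")". The context line for CAN-2004-0430 in the same hunk spells the platform "MacOS", so settling on one spelling would let a search for not-for-us tags by name find all of them.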