[Secure-testing-commits] r600 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Mon, 21 Mar 2005 19:35:21 +0100
Author: jmm-guest
Date: 2005-03-21 19:35:18 +0100 (Mon, 21 Mar 2005)
New Revision: 600
Modified:
sarge-checks/CAN/list
Log:
cernlib and ltris vulnerabilities.
ltris is unfixed with an obviously correct patch for two months.
Could any DD please NMU this?
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-21 16:16:59 UTC (rev 599)
+++ sarge-checks/CAN/list 2005-03-21 18:35:18 UTC (rev 600)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX (Various /tmp related security issues in cernlib)
+ cernlib 2004.11.04-3
+CAN-2005-XXXX (Buffer overflow in ltris highscore handling)
+ ltris (unfixed; bug #291620)
CAN-2005-0823 (ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores ...)
TODO: check
CAN-2005-0822 (Citrix Metaframe Password Manager 2.5 and earlier stores a password in ...)