[Secure-testing-commits] r661 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Fri, 25 Mar 2005 21:00:13 +0000
Author: jmm-guest
Date: 2005-03-25 21:00:10 +0000 (Fri, 25 Mar 2005)
New Revision: 661
Modified:
sarge-checks/CAN/list
Log:
Remotely root-exploitable heap overflow in smail and another
local vulnerability in the sighandler.
The included patch for the heap overflow seems correct. Joey,
in case the maintainer doesn't react in a few days, could you
NMU this?
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-25 20:41:08 UTC (rev 660)
+++ sarge-checks/CAN/list 2005-03-25 21:00:10 UTC (rev 661)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Remote and local root vulnerabilities in smail with a broad attack vector]
+ - smail (unfixed; bug pending)
CAN-2005-XXXX [Unsafe recommendation (and implementation) of debugging in rscsi]
- cdrtools (unfixed; bug #291376)
CAN-2005-0846 (Multiple cross-site scripting (XSS) vulnerabilities in the email ...)