[Secure-testing-commits] r700 - sarge-checks/CAN

Stefan Fritsch stef-guest@costa.debian.org
Thu, 31 Mar 2005 12:01:07 +0000 

Author: stef-guest
Date: 2005-03-31 12:01:04 +0000 (Thu, 31 Mar 2005)
New Revision: 700

Modified:
   sarge-checks/CAN/list
Log:
check some CANs

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-03-31 11:42:03 UTC (rev 699)
+++ sarge-checks/CAN/list	2005-03-31 12:01:04 UTC (rev 700)
@@ -24,26 +24,26 @@
 	- sylpheed 1.0.4-1
 	- sylpheed-claws 1.0.4-1
 CAN-2005-0925 (Cross-site scripting (XSS) vulnerability in Ublog 1.0 through 1.0.4 ...)
-	TODO: check
+	NOTE: not-for-us (Uapplication Ublog)
 CAN-2005-0924 (Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows ...)
-	TODO: check
+	NOTE: not-for-us (Adventia E-Data)
 CAN-2005-0923 (The SmartScan feature in the Auto-Protect module for Symantec Norton ...)
-	TODO: check
+	NOTE: not-for-us (Norton AntiVirus)
 CAN-2005-0922 (Unknown vulnerability in the Auto-Protect module in Symantec Norton ...)
-	NOTE: not-for-us (Lotus)
-	TODO: check
+	NOTE: not-for-us (Norton AntiVirus)
 CAN-2005-0921 (Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local ...)
 	NOTE: not-for-us (Lotus)
 CAN-2005-0920 (Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow ...)
-	TODO: check
+	NOTE: not-for-us (Bugtracker.NET)
 CAN-2005-0919 (Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject ...)
-	TODO: check
+	NOTE: not-for-us (Adventia E-Data)
 CAN-2005-0918
 	NOTE: reserved
 CAN-2005-0917 (PHP remote code injection vulnerability in index_header.php for ...)
-	TODO: check
+	NOTE: not-for-us (EncapsBB not in Debian)
 CAN-2005-0916 (AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with ...)
-	TODO: check
+	kernel-source-2.6.8 (unfixed;)
+	NOTE: 2.4 doesn't seem to be vulnerable
 CAN-2005-0915 (Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to ...)
 	NOTE: not-for-us (Webmasters-Debutants WD Guestbook)
 CAN-2005-0914 (Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly ...)