[Secure-testing-commits] r945 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 01 May 2005 11:44:20 +0000
Author: jmm-guest
Date: 2005-05-01 11:44:17 +0000 (Sun, 01 May 2005)
New Revision: 945
Modified:
sarge-checks/CAN/list
Log:
Filed bugs for affix and kronolith.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-01 11:28:26 UTC (rev 944)
+++ sarge-checks/CAN/list 2005-05-01 11:44:17 UTC (rev 945)
@@ -100,13 +100,13 @@
CAN-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...)
TODO: check
CAN-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...)
- TODO: check
+ - kronolith (unfixed; bug pending)
CAN-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)
TODO: check
CAN-2005-1312 (PHP remote code injection vulnerability in Yappa-NG before 2.3.2 ...)
- TODO: check
+ NOTE: not-for-us (Yappa-NG)
CAN-2005-1311 (Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 ...)
- TODO: check
+ NOTE: not-for-us (Yappa-NG)
CAN-2005-1310 (SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to ...)
NOTE: not-for-us (bBlog)
CAN-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
@@ -140,7 +140,7 @@
CAN-2005-1295 (include.cgi script allows remote attackers to read arbitrary files via ...)
NOTE: not-for-us (include.cgi)
CAN-2005-1294 (The affix_sock_register in the Affix Bluetooth Protocol Stack for ...)
- TODO: check
+ - affix-kernel (unfixed; bug pending)
CAN-2005-1293 (Multiple SQL injection vulnerabilities in default.asp in StorePortal ...)
NOTE: not-for-us (StorePortal)
CAN-2005-1292 (Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP ...)