[Secure-testing-commits] r972 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Tue, 03 May 2005 21:44:44 +0000


Author: jmm-guest
Date: 2005-05-03 21:44:38 +0000 (Tue, 03 May 2005)
New Revision: 972

Modified:
   sarge-checks/CAN/list
Log:
Kernel DoS bugs from 2.6.11.8 filed.
lam-runtime is Mandrake specific.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-03 21:14:42 UTC (rev 971)
+++ sarge-checks/CAN/list	2005-05-03 21:44:38 UTC (rev 972)
@@ -38,7 +38,7 @@
 CAN-2005-1380 (Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 ...)
 	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on ...)
-	TODO: check
+	NOTE: not-for-us (Mandrake specific packaging flaw)
 CAN-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module ...)
 	NOTE: not-for-us (phpbb mod)
 CAN-2005-1377 (Multiple PHP remote code injection vulnerabilities in Claroline 1.5.3 ...)
@@ -58,9 +58,9 @@
 CAN-2005-1370 (Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView ...)
 	NOTE: not-for-us (HO OpenView)
 CAN-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before ...)
-	TODO: check
+	- kernel-source-2.6.8 (unfixed; bug filed)
 CAN-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel ...)
-	TODO: check
+	- kernel-source-2.6.8 (unfixed; bug filed)
 CAN-2005-1367
 	NOTE: reserved
 CAN-2005-1366