[Secure-testing-commits] r979 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 04 May 2005 02:44:53 +0000
Author: joeyh
Date: 2005-05-04 02:44:47 +0000 (Wed, 04 May 2005)
New Revision: 979
Modified:
sarge-checks/CAN/list
Log:
quake2 update and link to right xpm4 hole (for sarge, not woody)`
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-04 02:21:17 UTC (rev 978)
+++ sarge-checks/CAN/list 2005-05-04 02:44:47 UTC (rev 979)
@@ -316,6 +316,8 @@
CAN-2005-1246 (Format string vulnerability in the snmppd_log function in ...)
NOTE: not-for-us (snmppd)
CAN-2005-XXXX [Multiple security problems in Quake 2]
+ NOTE: this release added lots of warnings about the security problems
+ - quake2 1:0.3-1.1
- quake2 (unfixed; bug #280573)
CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
@@ -2153,7 +2155,7 @@
NOTE: not-for-us (CubeCert)
CAN-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code via a ...)
- lesstif1 1:0.93.94-11.1
- - libxpm4 (unfixed; bug #298939)
+ - libxpm4 (unfixed; bug #299272)
CAN-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the ...)
NOTE: not-for-us (GFI Languard Network Security Scanner)
CAN-2005-0603 (viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to ...)