[Secure-testing-commits] r1078 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Mon, 16 May 2005 23:55:08 +0000
Author: joeyh
Date: 2005-05-16 23:55:06 +0000 (Mon, 16 May 2005)
New Revision: 1078
Modified:
sarge-checks/CAN/list
Log:
xpm sercurity fix was not very good and added new security issues
I don't think this affects the corresponding fix in libtiff, since we
spotted problems with s_popen there and backported newer x.org fixes.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-16 23:50:12 UTC (rev 1077)
+++ sarge-checks/CAN/list 2005-05-16 23:55:06 UTC (rev 1078)
@@ -1,3 +1,5 @@
+CAN-2005-XXX [libxpm4: new s_popen() function is insecure garbage]
+ - libxpm4 (unfixed; bug #308783)
CAN-2005-1589
NOTE: reserved
CAN-2005-1588 (SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows ...)