[Secure-testing-commits] r1114 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Fri, 20 May 2005 12:37:18 +0000
Author: jmm-guest
Date: 2005-05-20 12:37:15 +0000 (Fri, 20 May 2005)
New Revision: 1114
Modified:
sarge-checks/CAN/list
Log:
openmotif includes a vulnerable copy of libxpm as well...
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-20 12:08:51 UTC (rev 1113)
+++ sarge-checks/CAN/list 2005-05-20 12:37:15 UTC (rev 1114)
@@ -3514,6 +3514,8 @@
NOTE: lesstif1
- lesstif1-1 1:0.93.94-11.3
- libxpm4 4.3.0.dfsg.1-13
+ NOTE: openmotif is non-free
+ - openmotif (unfixed; bug #308819)
CAN-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the ...)
NOTE: not-for-us (GFI Languard Network Security Scanner)
CAN-2005-0603 (viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to ...)
@@ -6840,6 +6842,8 @@
- lesstif1 1:0.93.94-11.3
NOTE: but lesstif2 did get fixed for this hole..
- lesstif2 1_0.93.94-11.2
+ NOTE: openmotif is non-free
+ - openmotif (unfixed; bug #308819)
CAN-2004-0913 (Unknown vulnerability in ecartis 0.x before ...)
{DSA-572-1}
- squid 2.5.6-9
@@ -7353,10 +7357,14 @@
{DSA-561-1 DSA-560-1}
NOTE: lesstif2 is fixed, 1 is not, same source package
- lesstif1 (unfixed; bug #294099)
+ NOTE: openmotif is non-free
+ - openmotif (unfixed; bug #308819)
CAN-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in ...)
{DSA-561-1 DSA-560-1}
NOTE: lesstif2 is fixed, 1 is not, same source package
- lesstif1 (unfixed; bug #294099)
+ NOTE: openmotif is non-free
+ - openmotif (unfixed; bug #308819)
CAN-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...)
- samba 3.0.5
CAN-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user ...)