[Secure-testing-commits] r1123 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 21 May 2005 13:53:59 +0000
Author: joeyh
Date: 2005-05-21 13:53:56 +0000 (Sat, 21 May 2005)
New Revision: 1123
Modified:
sarge-checks/CAN/list
Log:
gzip fix
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-21 10:06:10 UTC (rev 1122)
+++ sarge-checks/CAN/list 2005-05-21 13:53:56 UTC (rev 1123)
@@ -1703,7 +1703,7 @@
CAN-2005-1229 (Directory traversal vulnerability in cpio 2.6 and earlier allows ...)
- cpio (unfixed; bug #306693)
CAN-2005-1228 (Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through ...)
- - gzip (unfixed; bug #305255)
+ - gzip 1.3.5-10
CAN-2005-1227 (Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier ...)
NOTE: not-for-us (PHPProjekt)
CAN-2005-1226 (Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which ...)
@@ -2373,7 +2373,7 @@
- mozilla 1.7.7-1
- mozilla-firefox 1.0.2-3
CAN-2005-0988 (Race condition in gzip 1.2.4, 1.3.3, and earlier when decompressing a ...)
- - gzip (unfixed; bug #303927)
+ - gzip 1.3.5-10
NOTE: Essentially the same as CAN-2005-0953
CAN-2005-0987 (Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 ...)
NOTE: not-for-us (IRC Services NickServ)
@@ -3004,7 +3004,7 @@
NOTE: Does only affect imagemagick releases prior to 6
CAN-2005-0758 (zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...)
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- - gzip (unfixed; bug #308379)
+ - gzip 1.3.5-10
CAN-2005-0757
NOTE: reserved
CAN-2005-0756