[Secure-testing-commits] r1129 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 22 May 2005 10:17:22 +0000
Author: jmm-guest
Date: 2005-05-22 10:17:19 +0000 (Sun, 22 May 2005)
New Revision: 1129
Modified:
sarge-checks/CAN/list
Log:
Some updates.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-22 00:07:30 UTC (rev 1128)
+++ sarge-checks/CAN/list 2005-05-22 10:17:19 UTC (rev 1129)
@@ -1201,14 +1201,11 @@
CAN-2005-XXXX [Missing input validation in xtradius]
- xtradius (unfixed; bug #307796)
CAN-2005-XXXX [fai tempfile vulnerability]
- NOTE: vorlon reviewed fai 2.8.2 and its changes are ok, but 2.8.1
- NOTE: had many changes that are not appropriate for the freeze.
- NOTE: 2.8 needs to be patched with the security fixes in 2.8.2
- NOTE: and uploaded to t-p-u.
- fai 2.8.2
CAN-2005-XXXX [nvu uses old version of mozilla]
NOTE: contains old copy of xpcom library
NOTE: have not checked to see which security holes re in it exatly
+ NOTE: Has been removed from Sarge
- nvu (unfixed; bug #306822)
CAN-2005-XXXX [eskuel: arbitrary file retreiving]
- eskuel 1.0.5-3.1
@@ -1393,10 +1390,10 @@
CAN-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before ...)
NOTE: does not affect 2.4.27 per horms
- kernel-source-2.6.8 2.6.8-16
- - kernel-source-2.6.11 (unfixed; fix in svn; bug #307552)
+ - kernel-source-2.6.11 2.6.11-4
CAN-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel ...)
NOTE: does not affect 2.6.8, 2.4.27 per horms
- - kernel-source-2.6.11 (unfixed; fix in svn; bug #307553)
+ - kernel-source-2.6.11 2.6.11-4
CAN-2005-1367 (Pico Server (pServ) 3.2 and earlier allows local users to read ...)
NOTE: not-for-us (pServ)
CAN-2005-1366 (Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain ...)