[Secure-testing-commits] r1134 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Sun, 22 May 2005 21:31:07 +0000


Author: jmm-guest
Date: 2005-05-22 21:31:04 +0000 (Sun, 22 May 2005)
New Revision: 1134

Modified:
   sarge-checks/CAN/list
Log:
gnutls dos fixed, removed duplicated entry


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-22 19:15:03 UTC (rev 1133)
+++ sarge-checks/CAN/list	2005-05-22 21:31:04 UTC (rev 1134)
@@ -298,8 +298,6 @@
 CAN-2005-XXXX [vpnc: config file path security hole]
 	NOTE: no bug ever filed for this
 	- vpnc 0.3.2+SVN20050326-2
-CAN-2005-XXXX [DoS security problem in gnutls]
-	- gnutls (unfixed; bug #309111)
 CAN-2005-XXXX [Several buffer overflows in termpkg]
 	NOTE: Not in Sarge
 	- termpkg 3.3-2 
@@ -1259,7 +1257,8 @@
 CAN-2005-1432
 	NOTE: reserved
 CAN-2005-1431 (The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before ...)
-	- gnutls11 (unfixed; bug #307641)
+	NOTE: Sarge will get a different fix with only the security fix
+	- gnutls11 1.0.16-13.1
 CAN-2005-1430 (Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo ...)
 	NOTE: not-for-us (Mac OS X)
 CAN-2005-1429 (SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows ...)