[Secure-testing-commits] r1147 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Wed, 25 May 2005 09:22:10 +0000
Author: jmm-guest
Date: 2005-05-25 09:22:07 +0000 (Wed, 25 May 2005)
New Revision: 1147
Modified:
sarge-checks/CAN/list
Log:
CANify snmp, imagemagick and gdb
claim a block
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-25 09:14:21 UTC (rev 1146)
+++ sarge-checks/CAN/list 2005-05-25 09:22:07 UTC (rev 1147)
@@ -1,3 +1,4 @@
+begin claimed by jmm
CAN-2005-1750 (SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 ...)
TODO: check
CAN-2005-1749 (Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 ...)
@@ -19,9 +20,9 @@
CAN-2005-1741 (Gearbox Software Halo Combat Evolved 1.6 allows remote attackers to ...)
TODO: check
CAN-2005-1740 (fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files ...)
- TODO: check
+ - net-snmp (unfixed; bug filed)
CAN-2005-1739 (The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick ...)
- TODO: check
+ - imagemagick (unfixed; bug #310690)
CAN-2005-1738 (Multiple format string vulnerabilities in the (1) logPrintBadfile ...)
TODO: check
CAN-2005-1737 (Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized ...)
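Review bot: The new CAN-2005-1740 note reads "- net-snmp (unfixed; bug filed)" and carries no bug number, while the CAN-2005-1739 note two lines below cites bug #310690. Add the net-snmp bug number to this entry so it can be matched against the bug tracker when a fix is uploaded; "bug filed" alone cannot be followed up by anyone other than the person who filed it.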
@@ -90,8 +91,9 @@
TODO: check
CAN-2005-1705 (gdb before 6.3 searches the current working directory to load the ...)
TODO: check
+end claimed by jmm
CAN-2005-1704 (Integer overflow in the BFD library for gdb before 6.3 allows ...)
- TODO: check
+ - gdb (unfixed; bug #308624)
CAN-2005-1703 (Warrior Kings: Battles 1.23 and earlier allows remote attackers to ...)
TODO: check
CAN-2005-1702 (Format string vulnerability in Warrior Kings: Battles 1.23 and earlier ...)
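Review bot: "end claimed by jmm" is inserted directly above CAN-2005-1704, so the claimed block ends on CAN-2005-1705, which is also a gdb issue ("searches the current working directory to load the ...") and is left at "TODO: check". Since gdb is already being triaged in this commit for bug #308624, consider resolving CAN-2005-1705 in the same pass, and state in its note whether it is covered by that bug or needs its own.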
@@ -268,10 +270,6 @@
TODO: check
CAN-2000-1224 (Caucho Technology Resin 1.2 and possibly earlier allows remote ...)
TODO: check
-CAN-2005-XXXX [imagemagick xwd endless loop DoS]
- - imagemagick (unfixed; bug #310690)
-CAN-2005-XXXX [Insecure tempfile handling in net-snmp's fixproc]
- - net-snmp (unfixed; bug filed)
CAN-2005-XXXX [Two DoS condition in ekg]
- ekg 1:1.5+20050411-3
CAN-2005-XXXX [lcrash affected by libbfd integer overflows]
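Review bot: The last context line leaves "CAN-2005-XXXX [lcrash affected by libbfd integer overflows]" as an unnumbered placeholder, although this commit files gdb under CAN-2005-1704, which is described as an integer overflow in the BFD library. Check whether the lcrash entry is the same libbfd flaw and, if it is, move its package note under CAN-2005-1704 as well rather than keeping a separate XXXX entry.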
@@ -584,8 +582,6 @@
CAN-2005-XXXX [Integer overflow in binutils' ELF parsing]
- binutils 2.15-6
- kmd (unfixed; bug #310139)
-CAN-2005-XXXX [Integer overflow in gdb's ELF parsing]
- - gdb (unfixed; bug #308624)
CAN-2005-XXXX [Multiple vulnerabilities in HT editor]
- ht 0.8.0-2
CAN-2005-XXXX [unrar: opens /tmp/debug_unrar.txt]
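Review bot: Only the gdb placeholder is removed in this hunk; the entry directly above it, "CAN-2005-XXXX [Integer overflow in binutils' ELF parsing]" with "binutils 2.15-6" and "kmd (unfixed; bug #310139)", stays unnumbered. CAN-2005-1704 is described as an integer overflow in the BFD library, so confirm whether the binutils and kmd notes belong under it too, or add a line to that entry saying why it is tracked separately.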