[Secure-testing-commits] r1174 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 29 May 2005 20:10:52 +0000
Author: jmm-guest
Date: 2005-05-29 20:10:50 +0000 (Sun, 29 May 2005)
New Revision: 1174
Modified:
sarge-checks/CAN/list
Log:
new gforge issue
bugnum for xattr issue
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-29 18:04:26 UTC (rev 1173)
+++ sarge-checks/CAN/list 2005-05-29 20:10:50 UTC (rev 1174)
@@ -1,3 +1,8 @@
+CAN-2005-XXXX [gforge arbitrary code execution through viewFile.php]
+ NOTE: According to advisory posted to Bugtraq fixed in 3.1-30, however it's
+ NOTE: not mentioned in the changelog, so it's either a hidden fix or unfixed
+ TODO: Check back with maintainer
+ - gforge 3.1-30
CAN-2005-XXXX [osh buffer overflow]
- osh 1.7-13
CAN-2005-XXXX [xile buffer overrun in terminal code]
@@ -3290,7 +3295,7 @@
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- gzip 1.3.5-10
CAN-2005-0757 (The xattr file system code on Linux 2.4.x on 64-bit systems does not ...)
- - kernel-source-2.4.27 (unfixed; bug filed)
+ - kernel-source-2.4.27 (unfixed; bug #311164)
CAN-2005-0756
NOTE: reserved
CAN-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player ...)