[Secure-testing-commits] r2279 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Oct 2 23:23:36 UTC 2005 

Author: jmm-guest
Date: 2005-10-02 23:23:32 +0000 (Sun, 02 Oct 2005)
New Revision: 2279

Modified:
   data/CAN/list
Log:
two further unfixed issues and the usual bugnums


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-10-02 22:39:46 UTC (rev 2278)
+++ data/CAN/list	2005-10-02 23:23:32 UTC (rev 2279)
@@ -1,3 +1,8 @@
+CAN-2003-XXXX [Incomplete reporting of failed logins in login]
+	- login 1:4.0.3-36 (bug #192849)
+CAN-2004-XXXX [slapd debconfage writes password to world readable file under certain circumstances]
+	- openldap2.2 <unfixed> (bug #260204)
+	TODO: Probably fix already uploaded? -> followup
 CAN-2004-XXXX [Unspecified buffer overflow in libmng]
 	- libmng 1.0.8-1 (bug #250106)
 CAN-2004-XXXX [Multiple buffer overflows in isoqlog]
@@ -2675,8 +2680,7 @@
 CAN-2005-2335 (Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...)
 	{DSA-774-1}
 	NOTE: previous fix in -15 was broken
-	- fetchmail 6.2.5-16 (bug #320357; medium)
-	NOTE: woody is not affected according to the bug report.
+	- fetchmail 6.2.5-16 (bug #320357; bug #212762; medium)
 CAN-2005-2320 (WebCalendar before 1.0.0 does not properly restrict access to ...)
 	{DSA-766-1}
 	- webcalendar 0.9.45-7 (bug #315671; medium)
@@ -3419,7 +3423,7 @@
 	NOT-FOR-US: Online-bookmarks
 CAN-2005-2348 [base-config log should not be world readable]
 	RESERVED
-	- base-config 2.68 (low)
+	- base-config 2.68 (bug #254068; low)
 CAN-2005-2169 (Directory traversal vulnerability in source.php in Quick &amp; Dirty ...)
 	NOT-FOR-US: PHPSource Printer
 CAN-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote ...)
@@ -15404,9 +15408,9 @@
 CAN-2003-0518 (The screen saver in MacOS X allows users with physical access to cause ...)
 	NOT-FOR-US: MacOS
 CAN-2003-0517 (faxrunqd.in in mgetty 1.1.28 and earlier allows local users to ...)
-	- mgetty 1.1.29
+	- mgetty 1.1.29 (bug #199351)
 CAN-2003-0516 (cnd.c in mgetty 1.1.28 and earlier does not properly filter ...)
-	- mgetty 1.1.29
+	- mgetty 1.1.29 (bug #199351)
 CAN-2003-0515 (SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL ...)
 	{DSA-347}
 CAN-2003-0514 (Apple Safari allows remote attackers to bypass intended cookie access ...)

More information about the Secure-testing-commits mailing list