[Secure-testing-commits] r2280 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Oct 2 23:44:14 UTC 2005
Author: jmm-guest
Date: 2005-10-02 23:44:10 +0000 (Sun, 02 Oct 2005)
New Revision: 2280
Modified:
data/CAN/list
Log:
unfixed apt-listchanges issue and an older konqueror issue
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-10-02 23:23:32 UTC (rev 2279)
+++ data/CAN/list 2005-10-02 23:44:10 UTC (rev 2280)
@@ -1,3 +1,8 @@
+CAN-2004-XXXX [Minor dialog box origin spoofing vulnerability in Konqueror]
+ - kdebase 3.3.1-1 (bug #278002; low)
+ TODO: According to http://secunia.com/secunia_research/2004-10/advisory/ Firefox and Mozilla aff. as well
+CAN-2005-XXXX [apt-listchanges does not drop privs, spawned pagers may permit execution of further commands]
+ - apt-listchanges <unfixed> (bug #318736; medium)
CAN-2003-XXXX [Incomplete reporting of failed logins in login]
- login 1:4.0.3-36 (bug #192849)
CAN-2004-XXXX [slapd debconfage writes password to world readable file under certain circumstances]
More information about the Secure-testing-commits
mailing list