[Secure-testing-commits] r2328 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Oct 6 12:45:10 UTC 2005 

Author: jmm-guest
Date: 2005-10-06 12:45:06 +0000 (Thu, 06 Oct 2005)
New Revision: 2328

Modified:
   data/CAN/list
Log:
new issues in weex and storebackup (already fixed in testing)


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-10-06 12:20:31 UTC (rev 2327)
+++ data/CAN/list	2005-10-06 12:45:06 UTC (rev 2328)
@@ -54,21 +54,23 @@
 	NOT-FOR-US: CubeCart
 CAN-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows ...)
 	- blender <unfixed> (bug #332313; low)
-begin claimed by jmm
 CAN-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...)
-	TODO: check
+	- weex <unfixed> (bug filed; medium)
 CAN-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly ...)
 	- uim <unfixed> (bug #331620; medium)
 CAN-2005-3148 (StoreBackup before 1.19 in SUSE Linux does not properly set the uid ...)
-	TODO: check
+	- storebackup 1.19-1 (bug filed)
+	NOTE: Bug filed for stable, fixed in testing/sid
 CAN-2005-3147 (StoreBackup before 1.19 in SUSE Linux creates the backup root with ...)
-	TODO: check
+	- storebackup 1.19-1 (bug filed; medium)
+	NOTE: Bug filed for stable, fixed in testing/sid
 CAN-2005-3146 (StoreBackup before 1.19 in SUSE Linux allows local users to perform ...)
-	TODO: check
+	- storebackup 1.19-1 (bug filed; medium)
+	NOTE: Bug filed for stable, fixed in testing/sid
 CAN-2005-3145 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Standard Based Linux Instrumentation
 CAN-2005-3144 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Standard Based Linux Instrumentation
 CAN-2005-3143 (Unspecified vulnerability in the Mailbox Server for 4D WebStar before ...)
 	NOT-FOR-US: Mailbox Server for 4D WebStar
 CAN-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and ...)
@@ -76,13 +78,14 @@
 CAN-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a ...)
 	NOT-FOR-US: Trillian
 CAN-2005-3140 (Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions ...)
-	TODO: check
+	NOT-FOR-US: Procom NetFORCE
+begin claimed by jmm
 CAN-2005-3137 (The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow ...)
 	TODO: check
 CAN-2005-3136 (Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and ...)
 	TODO: check
 CAN-2005-3135 (Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: Virtools Web Player
 CAN-2005-3134 (Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote ...)
 	TODO: check
 CAN-2005-3133 (Multiple directory traversal vulnerabilities in MERAK Mail Server ...)

More information about the Secure-testing-commits mailing list