[Secure-testing-commits] r2377 - data/CAN

Mon Oct 10 08:17:29 UTC 2005

Author: jmm-guest
Date: 2005-10-10 08:17:25 +0000 (Mon, 10 Oct 2005)
New Revision: 2377

Modified:
   data/CAN/list
Log:
track uw-imap by srcpkg name, lots of mozilla fixes, fixes from DSAs


Modified: data/CAN/list
===================================================================

--- data/CAN/list	2005-10-10 08:11:52 UTC (rev 2376)
+++ data/CAN/list	2005-10-10 08:17:25 UTC (rev 2377)
@@ -73,7 +73,7 @@
 CAN-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows ...)
 	- blender <unfixed> (bug #332313; low)
 CAN-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...)
-	- weex <unfixed> (bug #332424; medium)
+	- weex 2.6.1-6sarge1 (bug #332424; medium)
 CAN-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly ...)
 	- uim <unfixed> (bug #331620; medium)
 CAN-2005-3148 (StoreBackup before 1.19 in SUSE Linux does not properly set the uid ...)
@@ -616,8 +616,9 @@
 CAN-2005-2967 [Format string vulnerability in xine-libs CDDB code]
 	RESERVED
 	- xine-lib <unfixed> (bug #332919; medium)
-CAN-2005-2965
+CAN-2005-2965 [Insecure temp files in graphviz]
 	RESERVED
+	- graphviz 2.2.1-1sarge1 (low) 
 CAN-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers ...)
 	- abiword 2.2.10-1 (bug #329839; medium)
 CAN-2005-2963 [Mod-Authshadow: Incorrect enforcement of AuthShadow when 'require group' is set]
@@ -836,7 +837,7 @@
 CAN-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
 	{DSA-837-1}
 	- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; medium)
-	- mozilla <unfixed> (bug #327455; medium)
+	- mozilla 2:1.7.12-1 (bug #327455; medium)
 	- epiphany-browser <unfixed> (bug #327366; medium)
 CAN-2005-XXXX [several buffer overflows in MS CHM library before version 0.36]
 	- chmlib 0.36-1 (bug #327431)
@@ -1179,31 +1180,31 @@
 CAN-2005-2707 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
-	- mozilla <unfixed> (bug filed; medium)
+	- mozilla 2:1.7.12-1 (medium)
 CAN-2005-2706 (Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
-	- mozilla <unfixed> (bug filed; high)
+	- mozilla 2:1.7.12-1 (high)
 CAN-2005-2705 (Integer overflow in the JavaScript engine in Firefox before 1.0.7 and ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
-	- mozilla <unfixed> (bug filed; high)
+	- mozilla 2:1.7.12-1 (high)
 CAN-2005-2704 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
-	- mozilla <unfixed> (bug filed; medium)
+	- mozilla 2:1.7.12-1 (medium)
 CAN-2005-2703 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
-	- mozilla <unfixed> (bug filed; medium)
+	- mozilla (medium)
 CAN-2005-2702 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
-	- mozilla <unfixed> (bug filed; high)
+	- mozilla 2:1.7.12-1 (high)
 CAN-2005-2701 (Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite ...)
 	{DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
-	- mozilla <unfixed> (bug #329778; medium)
+	- mozilla 2:1.7.12-1 (bug #329778; medium)
 CAN-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
 	{DSA-807-1 DSA-805-1}
 	- libapache-mod-ssl 2.8.24-1 (medium)
@@ -4579,7 +4580,7 @@
 CAN-2005-1976
 	RESERVED
 CAN-2002-1782 (The default configuration of University of Washington IMAP daemon ...)
-	- uw-imapd <unfixed> (bug #315499; low)
+	- uw-imap <unfixed> (bug #315499; low)
 CAN-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)
 	NOT-FOR-US: DeleGate
 CAN-2002-1780 (BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a ...)


