[Secure-testing-commits] r2428 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Oct 17 22:07:56 UTC 2005 

Author: jmm-guest
Date: 2005-10-17 22:07:52 +0000 (Mon, 17 Oct 2005)
New Revision: 2428

Modified:
   data/CAN/list
Log:
lots of nfus, a new issue, one entry possibly duplicated


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-10-17 22:02:01 UTC (rev 2427)
+++ data/CAN/list	2005-10-17 22:07:52 UTC (rev 2428)
@@ -55,39 +55,38 @@
 	NOT-FOR-US: BitDefender Antivirus
 CAN-2005-3210 (Multiple interpretation error in unspecified versions of Kaspersky ...)
 	NOT-FOR-US: Kaspersky Antivirus
-begin claimed by jmm
 CAN-2005-3209 (Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store ...)
-	TODO: check
+	NOT-FOR-US: aeNovo apps
 CAN-2005-3208 (Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop ...)
-	TODO: check
+	NOT-FOR-US: aeNovo apps
 CAN-2005-3207 (The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3206 (iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3205 (Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3204 (Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3203 (The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3202 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CAN-2005-3201 (SQL injection vulnerability in news.php for Utopia News Pro 1.1.3 when ...)
-	TODO: check
+	NOT-FOR-US: Utopia News Pro
 CAN-2005-3200 (Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro ...)
-	TODO: check
+	NOT-FOR-US: Utopia News Pro
 CAN-2005-3199 (Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ ...)
-	TODO: check
+	NOT-FOR-US: aspReady
 CAN-2005-3198 (Webroot Desktop Firewall before 1.3.0build52 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: Webroot Desktop Firewall
 CAN-2005-3197 (Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop ...)
-	TODO: check
+	NOT-FOR-US: Webroot Desktop Firewall
 CAN-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...)
-	TODO: check
+	NOT-FOR-US: Planet Technology switch
 CAN-2005-3195 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
-	TODO: check
+	NOTE: This is a duplicate from CAN-2005-3178? I've pinged Steven
 CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
-	TODO: check
+	NOT-FOR-US: ALZip
 CAN-2005-3193
 	RESERVED
 CAN-2005-3192
@@ -95,7 +94,7 @@
 CAN-2005-3191
 	RESERVED
 CAN-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...)
-	TODO: check
+	NOT-FOR-US: iGateway
 CAN-2005-3189
 	RESERVED
 CAN-2005-3188
@@ -107,10 +106,9 @@
 CAN-2005-3184
 	RESERVED
 CAN-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...)
-	TODO: check
+	- w3c-libwww <unfixed> (bug filed; low)
 CAN-2005-3182
 	RESERVED
-end claimed by jmm
 CAN-2005-XXXX [unsafe temporary file creation in flexbackup default config]
 	- flexbackup <unfixed> (bug #334350; low)
 CAN-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]

More information about the Secure-testing-commits mailing list