[Secure-testing-commits] r1799 - data/CAN

Joey Hess joeyh at costa.debian.org
Sat Sep 3 21:14:24 UTC 2005 

Author: joeyh
Date: 2005-09-03 21:14:19 +0000 (Sat, 03 Sep 2005)
New Revision: 1799

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-03 15:02:10 UTC (rev 1798)
+++ data/CAN/list	2005-09-03 21:14:19 UTC (rev 1799)
@@ -260,6 +260,7 @@
 	{DSA-791-1 DTSA-11-1}
 	- maildrop 1.5.3-1.1etch1 (medium)
 CAN-2005-2654 (phpldapadmin before 0.9.6c allows remote attackers to gain anonymous ...)
+	{DSA-790-1}
 	- phpldapadmin 0.9.6c-5 (medium)
 CAN-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks]
 	- cplay 1.49-8 (bug #324913; low)
@@ -1264,7 +1265,7 @@
 CAN-2005-2449 (Race condition in sandbox before 1.2.11 allows local users to create ...)
 	NOTE: not-for-us (sandbox)
 CAN-2005-2448 (Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow ...)
-	{DTSA-4-1 DTSA-2-1}
+	{DTSA-2-1 DTSA-4-1}
 	- ekg 1:1.5+20050718+1.6rc3-1 (low)
 	- centericq 4.20.0-8etch1 (bug #323185; medium)
 CAN-2005-2447
@@ -1424,7 +1425,7 @@
 CAN-2005-2391 (Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point ...)
 	NOTE: not-for-us (3Com OfficeConnect Wireless 11g AP)
 CAN-2005-2390 (Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 ...)
-	{DSA-795-1}
+	{DSA-795-2}
 	- proftpd 1.2.10-20 (low)
 	NOTE: ftpshut fixed in -19, SQLShowInfo in -20
 CAN-2005-2389 (NDMP server in Veritas NetBackup 5.1 allows attackers to cause a ...)
@@ -1466,7 +1467,7 @@
 CAN-2005-2371 (Unknown vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows ...)
 	NOTE: not-for-us (Oracle Reports)
 CAN-2005-2370 (Multiple "memory alignment errors" in libgadu, as used in ekg before ...)
-	{DSA-769-1 DTSA-5-1 DTSA-2-1}
+	{DSA-769-1 DTSA-2-1 DTSA-5-1}
 	- gaim 1:1.4.0-5 (low)
 	- centericq 4.20.0-8etch1 (bug #323185; low)
 CAN-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...)
@@ -3832,7 +3833,7 @@
 CAN-2005-1938
 	NOTE: rejected
 CAN-2005-1937 (A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote ...)
-	{DSA-777-1 DSA-775-1 DTSA-8-2 DTSA-7-1}
+	{DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2}
 	- mozilla-firefox 1.0.4-2sarge3 (medium)
 	- mozilla 2:1.7.8-1sarge1 (medium)
 CAN-2004-2137 (Outlook Express 6.0, when sending multipart e-mail messages using the ...)
@@ -4586,7 +4587,6 @@
 CAN-2005-1655 (AOL Instant Messenger 5.5.x and earlier allows remote attackers to ...)
 	NOTE: not-for-us (AOL Instant Messenger)
 CAN-2005-1654 (Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers ...)
-	{DSA-790-1}
 	NOTE: not-for-us (Hosting Controller)
 CAN-2004-2093 (Buffer overflow in the open_socket_out function in socket.c for rsync ...)
 	- rsync 2.6.1-1
@@ -12006,7 +12006,7 @@
 CAN-2004-0719 (Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, ...)
 	NOTE: not-fos-us (Microsoft)
 CAN-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) ...)
-	{DSA-777-1 DSA-775-1 DTSA-8-2 DTSA-7-1}
+	{DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2}
 	NOTE: This has been fixed in mozilla-firefox 0.8 and mozilla 1.6, but recent
 	NOTE: upstream versions became vulnerable again, see
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=296850

More information about the Secure-testing-commits mailing list