[Secure-testing-commits] r1814 - data/CAN
Joey Hess
joeyh at costa.debian.org
Sun Sep 4 20:53:54 UTC 2005
Author: joeyh
Date: 2005-09-04 20:53:50 +0000 (Sun, 04 Sep 2005)
New Revision: 1814
Modified:
data/CAN/list
Log:
removed all open tracked bugs, found many that were fixed and did some NMUs
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-09-04 19:49:40 UTC (rev 1813)
+++ data/CAN/list 2005-09-04 20:53:50 UTC (rev 1814)
@@ -62,7 +62,7 @@
NOTE: not-for-us (phpGraphy)
CAN-2005-2734 (Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and ...)
- gallery 1.5-2 (bug #325285; medium)
- - gallery2 (unfixed; bug #325285; medium)
+ TODO: check gallery2
CAN-2005-2733 (upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly ...)
NOTE: not-for-us (Simple PHP Blog)
CAN-2005-2732 (AWStats 6.4, and possibly earlier versions, allows remote attackers to ...)
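Review bot: the gallery2 line is replaced by a bare TODO, which drops both the bug reference #325285 and the medium severity for gallery2. Suggest keeping the pointer in the new line, for example "TODO: check gallery2 (bug #325285)", so whoever picks up the TODO starts from the existing report.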
@@ -150,7 +150,7 @@
NOTE: not-for-us (SunOS)
CAN-2005-XXXX [osh buffer overflow in handlers.c]
NOTE: This is not the same as -13
- - osh 1.7-14 (unfixed; bug #323424; medium)
+ - osh 1.7-14 (bug #323424; medium)
CAN-2005-XXXX [Insecure delegation of GSSAPI credentials in ssh]
- openssh (unfixed; bug #326065; medium)
CAN-2005-XXXX [Incorrect port forwarding for dynamic ports in ssh]
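Review bot: on the osh line only the "unfixed" flag is removed and the version stays 1.7-14, so the entry now reads as fixed in the same version string that stood next to "unfixed" before. If the fix came from a later upload or NMU, record that version instead; if 1.7-14 is correct, a NOTE saying so would help, since the NOTE above only says this is not the same as -13.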
@@ -295,7 +295,7 @@
NOTE: not-for-us (doesn't affect Debian)
CAN-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly handle ...)
{DSA-785-1}
- - libpam-ldap (unfixed; bug #324899; unknown)
+ - libpam-ldap 178-1sarge1 (bug #324899; unknown)
CAN-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries ...)
NOTE: not-for-us (Kerio WinRoute Firewall)
CAN-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word ...)
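Review bot: the libpam-ldap fixed version is recorded as 178-1sarge1, which carries a sarge suffix and matches the {DSA-785-1} tag, while the description says the flaw is in pam_ldap before 180. With a stable security version on this line, a later 178-based upload such as 178-2 would compare as fixed whether or not it carries the patch. Suggest recording the unstable fixed version here, or adding a NOTE that 178-1sarge1 is the stable fix.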
@@ -991,10 +991,10 @@
CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ...)
{DSA-798-1 DSA-789-1}
- drupal 4.5.5-1 (bug #323347; high)
- - phpgroupware 0.9.16.008-1 (unfixed; bug #323349; high)
+ - phpgroupware 0.9.16.008-1 (bug #323349; high)
- egroupware 1.0.0.009.dfsg-1 (bug #323350; high)
TODO: phpwiki has disabled the XMLRPC in the last upload, it orphaned as well, should be fixed anyway
- - php4 (unfixed; bug #323366; high)
+ - php4 4:4.3.10-16 (bug #323366; high)
TODO: check php5
CAN-2005-2497
NOTE: reserved
@@ -2736,10 +2736,10 @@
NOTE: to search for static zlib signatures in binaries in Debian
NOTE: Not all of the listed packages have been checked for actual
NOTE: exploitability using this hole.
- - dpkg (unfixed; bug #317967; medium)
+ - dpkg 1.13.11 (bug #317967; medium)
- zsync 0.4.0-2 (medium)
- dump (unfixed; bug #317966; medium)
- - aide (unfixed; bug #317523; medium)
+ - aide 0.10-6.1.1 (bug #317523; medium)
- amd64-libs (unfixed; bug #317970; medium)
- ia32-libs (unfixed; bug #317971; medium)
NOTE: dar-static claimed not used on untrusted input by maintainer in #317989
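Review bot: the log says "removed all open tracked bugs", but the context lines in this hunk still list dump, amd64-libs and ia32-libs as unfixed with bug numbers, so the log does not match the result. Suggest wording the log as what was done (entries checked against the BTS, fixed versions filled in for dpkg and aide). Since the NOTE above says not all listed packages were checked for exploitability, it is also worth stating whether 1.13.11 and 0.10-6.1.1 were taken from the closing uploads of #317967 and #317523.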
@@ -2747,7 +2747,7 @@
- sash 3.7-6 (medium)
- libphysfs-1.0-0 1.0.0-5 (medium)
- oops (unfixed; bug #318097; medium)
- - lsb-rpm (unfixed; bug #318099; medium)
+ - lsb-rpm 4.0.4-31.1 (bug #318099; medium)
- rageircd 2.0.0-3sid1 (medium)
- systemimager-ssh (unfixed; bug #318101; medium)
- texmacs 1:1.0.5-3 (bug #318100; medium)
@@ -4951,7 +4951,7 @@
CAN-2005-1528
NOTE: reserved
CAN-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
- - awstats 6.4-1 (unfixed; bug #322591; medium)
+ - awstats 6.4-1.1 (bug #322591; medium)
CAN-2005-1526 (PHP file inclusion vulnerability in config_settings.php in Cacti ...)
{DSA-764-1}
- cacti 0.8.6e-1 (high)
@@ -7706,7 +7706,7 @@
CAN-2005-0758 (zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...)
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- gzip 1.3.5-10
- - bzip2 (unfixed; bug #321286; medium)
+ - bzip2 1.0.2-8.1 (bug #321286; medium)
CAN-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise Linux ...)
- kernel-source-2.4.27 2.4.27-11
- kernel-source-2.6.8 2.6.8-17