[Secure-testing-commits] r1825 - data/CAN

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2005-09-06 09:13:07 +0000 (Tue, 06 Sep 2005)
New Revision: 1825

Modified:
   data/CAN/list
Log:
insecure mldonkey perms fixed
requested two CVE assignments for kernel issues


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-06 07:54:13 UTC (rev 1824)
+++ data/CAN/list	2005-09-06 09:13:07 UTC (rev 1825)
@@ -166,8 +166,10 @@
 	- courier 0.47-8 (medium; bug #325631)
 CAN-2005-XXXX [xattr sharing bug in kernel's ext3 code]
 	- kernel-source-2.4.27 2.4.27-11 (medium)
+	NOTE: CVE assignment requested
 	NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
 CAN-2005-XXXX [Remote DoS when using ipt_recent on 64 bit systems]
+	NOTE: CVE assignment requested
 	- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
 CAN-2005-XXXX [polygen doesn't honor umask when creating grm.o files]
 	NOTE: Fix in -8 had problems
@@ -1030,7 +1032,7 @@
 CAN-2005-XXXX [Does not do escaping in mysql version - both a worrying flaw and stops adduser working]
 	- dbmail (unfixed; bug #303991; medium)
 CAN-2005-XXXX [downloads.ini writable by group users, world-readable]
-	- mldonkey-server (unfixed; bug #300560; low)
+	- mldonkey 2.5.28.1-1 (bug #300560; low)
 CAN-2005-XXXX [Should include "UNRESTRICTED access to your computer" warning somewhere]
 	- gcjwebplugin (unfixed; bug #267040; high)
 CAN-2005-XXXX [Inconsistent escaping of user supplied data in dbauthpgsql.c]