[Secure-testing-commits] r1834 - in data: . CAN

Wed Sep 7 14:43:42 UTC 2005

Author: joeyh
Date: 2005-09-07 14:43:38 +0000 (Wed, 07 Sep 2005)
New Revision: 1834

Modified:
   data/CAN/list
   data/embedded-code-copies
Log:
the ongoing phpbb2 version madness


Modified: data/CAN/list
===================================================================

--- data/CAN/list	2005-09-07 11:37:50 UTC (rev 1833)
+++ data/CAN/list	2005-09-07 14:43:38 UTC (rev 1834)
@@ -1,4 +1,5 @@
 CAN-2005-XXXX [Four potentially DoS exploitable deadlocks and leaks in kernel 2.6]
+
 	- linux-2.6 2.6.12-6 (low)
 CAN-2005-2766 (Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly ...)
 	NOTE: not-for-us (Symantec AntiVirus)
@@ -1018,7 +1019,7 @@
 CAN-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...)
 	{DSA-800-1 DTSA-10-1}
 	- pcre3 6.3-0.1etch1 (bug #324531; medium)
-	NOTE: gnumeric includes one as well; according to upstream not exploitable in gnumeric,
+	NOTE: gnumeric/goffice includes one as well; according to upstream not exploitable in gnumeric,
 	NOTE: new copy will be included any way
 	- python2.1 2.1.3dfsg-3 (medium)
 	- python2.2 2.2.3dfsg-4 (medium)
@@ -6244,7 +6245,7 @@
 CAN-2005-1291 (Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow ...)
 	NOTE: not-for-us (CartWIZ ASP Cart)
 CAN-2005-1290 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 ...)
-	- phpbb2 2.0.13+1-6 (low)
+	- phpbb2 2.0.13-6sarge1 (low)
 CAN-2005-1289 (index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to ...)
 	NOTE: not-for-us (E-Cart)
 CAN-2005-1288 (inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers ...)
@@ -6469,7 +6470,7 @@
 CAN-2005-1194 (Stack-based buffer overflow in the ieee_putascii function for nasm ...)
 	- nasm 0.98.38-1.2
 CAN-2005-1193 (The bbencode_second_pass and make_clickable functions in bbcode.php ...)
-	- phpbb2 2.0.13+1-6 (medium)
+	- phpbb2 2.0.13-6sarge1 (medium)
 CAN-2005-1192 (Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and ...)
 	NOTE: not-for-us (HP-UX)
 CAN-2004-1776 (Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2005-09-07 11:37:50 UTC (rev 1833)
+++ data/embedded-code-copies	2005-09-07 14:43:38 UTC (rev 1834)
@@ -77,8 +77,9 @@
 pcre:
 python
 php4 (src included, but Debian package links dynamically)
+analog (src included, but Debian package links dynamically)
+libgoffice-1
 
-
 tiff:
 wxpythongtk (check, which debian pkg this is in)
 older kdegraphics/kpdf releases < 3.3 embedded a copy


