[Secure-testing-commits] r1868 - data/CAN

Joey Hess joeyh at costa.debian.org
Thu Sep 8 21:14:22 UTC 2005 

Author: joeyh
Date: 2005-09-08 21:14:18 +0000 (Thu, 08 Sep 2005)
New Revision: 1868

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-08 20:01:53 UTC (rev 1867)
+++ data/CAN/list	2005-09-08 21:14:18 UTC (rev 1868)
@@ -224,6 +224,7 @@
 CAN-2005-2729 (The HTTP proxy in Astaro Security Linux 6.0 does not properly filter ...)
 	NOTE: not-for-us (Astato specific)
 CAN-2005-2728 (The byte-range filter in Apache 2.0 before 2.0.54 allows remote ...)
+	{DSA-805-1}
 	NOTE: The CVE description is wrong, this has been merged for 2.0.55
 	- apache2 2.0.54-5 (bug #326435; medium)
 CAN-2005-2727 (Home Ftp Server 1.0.7 stores sensitive user information and server ...)
@@ -278,6 +279,7 @@
 CAN-2005-2701
 	NOTE: reserved
 CAN-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
+	{DSA-805-1}
 	- libapache-mod-ssl 2.8.24-1 (medium)
 	- apache2 2.0.54-5 (bug #327210; medium)
 CAN-2005-2699 (admin/admin.php in PHPKit 1.6.1 allows remote authenticated ...)
@@ -1374,8 +1376,10 @@
 CAN-2004-2161 (SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows ...)
 	- tutos 1.1.20031017-2.1 (medium)
 CAN-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows ...)
+	{DTSA-13-1}
 	- evolution 2.2.3-3 (high)
 CAN-2005-2549 (Multiple format string vulnerabilities in Evolution 1.5 through ...)
+	{DTSA-13-1}
 	- evolution 2.2.3-3 (high)
 end claimed by neilm
 CAN-2005-XXXX [libnet-ssleay-perl: /tmp/entropy insecure]
@@ -2910,6 +2914,7 @@
 CAN-2005-2089 (Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web ...)
 	NOTE: not-for-us (Microsoft)
 CAN-2005-2088 (Apache 2.0.45 and 1.3.29, when acting as an HTTP proxy, allows remote ...)
+	{DSA-805-1 DSA-803-1}
 	- apache 1.3.33-8 (bug #322607; medium)
 	- apache2 2.0.54-5 (bug #316173; medium)
 CAN-2005-2087 (Internet Explorer 6.0.2900.2180 on Windows XP allows remote attackers ...)
@@ -4025,6 +4030,7 @@
 	- php4 4:4.4.0-1 (high)
 	NOTE: horde3 is not affected by this issue, they ship different XMLRPC code
 CAN-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through ...)
+	{DSA-804-1}
 	- kdebase 4:3.4.1-1 (bug #319016; medium)
 CAN-2005-1919
 	NOTE: reserved
@@ -6431,6 +6437,7 @@
 	{DSA-734-1}
 	- gaim 1:1.3.1-1 (low)
 CAN-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List (CRL) ...)
+	{DSA-805-1}
 	NOTE: This is from latest Trustix advisory, exploitation would require to trick
 	NOTE: someone into using a maliciously crafted certificate revocation list
 	- apache2 2.0.54-5 (bug #320048; low)

More information about the Secure-testing-commits mailing list