[Secure-testing-commits] r1921 - data/DSA

Mon Sep 12 08:51:45 UTC 2005

Author: fw
Date: 2005-09-12 08:51:44 +0000 (Mon, 12 Sep 2005)
New Revision: 1921

Modified:
   data/DSA/list
Log:
Replace "HELP:" by "TODO:".  Fix various syntax errors.


Modified: data/DSA/list
===================================================================

--- data/DSA/list	2005-09-12 07:54:22 UTC (rev 1920)
+++ data/DSA/list	2005-09-12 08:51:44 UTC (rev 1921)
@@ -952,8 +952,8 @@
 	- netkit-telnet-ssl 0.17.24+0.1-4
 [16 Oct 2004] DSA-568-1 cyrus-sasl-mit - unsanitised input
 	{CAN-2004-0884}
-	NOTE removed from testing
-	NOTE maintainer reports hole not in cyrus-sasl2-mit
+	NOTE: removed from testing
+	NOTE: maintainer reports hole not in cyrus-sasl2-mit
 [15 Oct 2004] DSA-567-1 tiff - heap overflows
 	{CAN-2004-0803 CAN-2004-0804 CAN-2004-0886}
 	- tiff 3.6.1-2
@@ -1057,7 +1057,7 @@
 [16 Aug 2004] DSA-537 ruby - insecure file permissions
 	{CAN-2004-0755}
 	- ruby1.8 1.8.1+1.8.2pre1-4
-	HELP: is ruby1.6 vulnerable?
+	TODO: is ruby1.6 vulnerable?
 [04 Aug 2004] DSA-536 libpng - several vulnerabilities
 	{CAN-2004-0597 CAN-2004-0598 CAN-2004-0599 CAN-2004-0768}
 	- libpng 1.0.15-6
@@ -1118,7 +1118,7 @@
 	{CAN-2004-0411}
 	- kdelibs 3.2.3
 [10 Jun 2004] DSA-517 cvs - buffer overflow
-	{CAN-2004-0414]
+	{CAN-2004-0414}
 	- cvs 1.12.9-1
 [07 Jun 2004] DSA-516 postgresql - buffer overflow
 	{CAN-2004-0547}
@@ -1127,7 +1127,7 @@
 	{CAN-2004-0234 CAN-2004-0235}
 	! lha 1.14i-8
 	NOTE: If 1.14i-8 cannot get into testing, the fix for 1.14i-2.0.1
-	from the DSA could to updated via t-p-u.
+	NOTE: from the DSA could to updated via t-p-u.
 [04 Jun 2004] DSA-514 kernel-image-sparc-2.2 - failing function and TLB flush
 	{CAN-2004-0077}
 	- kernel-image-sparc-2.2 9.1
@@ -1344,7 +1344,7 @@
 	! hsftp 1.15-1
 [21 Feb 2004] DSA-446 synaesthesia - insecure file creation
 	{CAN-2004-0160}
-	DSA notes not setuid anymore so ok
+	NOTE: DSA notes not setuid anymore so ok
 [21 Feb 2004] DSA-445 lbreakout2 - buffer overflow
 	{CAN-2004-0158}
 	- lbreakout2 2.4
@@ -1415,9 +1415,9 @@
 	- netpbm-free 2:9.25-9
 [16 Jan 2004] DSA-425 tcpdump - multiple vulnerabilities
 	{CAN-2003-1029 CAN-2003-0989 CAN-2004-0055 CAN-2004-0057}
-	HELP: No idea if this is fixed, we have a new upstream version
-	HELP: that came out after these advisories, but neither the debian nor
-	HELP: the upstream changelog seem to mention them.
+	TODO: No idea if this is fixed, we have a new upstream version
+	TODO: that came out after these advisories, but neither the debian nor
+	TODO: the upstream changelog seem to mention them.
 	NOTE: Mailed maintainer.
 [16 Jan 2004] DSA-424 mc - buffer overflow
 	{CAN-2003-1023}
@@ -1470,7 +1470,7 @@
 	{CAN-2003-0972}
 	- screen 4.0.2-0.1
 [05 Jan 2004] DSA-407 ethereal - buffer overflows
-	{CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013
+	{CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013}
 	- ethereal 0.10.0-1
 [05 Jan 2004] DSA-406 lftp - buffer overflow 
 	- lftp 2.6.10-1
@@ -1507,8 +1507,8 @@
 [15 Oct 2003] DSA-395 tomcat4 - incorrect input handling
 	{CAN-2003-0866}
 	! tomcat4 4.1.24-2
-	NOTE another RC (unreproducible?) bug and missing deps (#263201)
-	NOTE are keeping the fix out of testing
+	NOTE: another RC (unreproducible?) bug and missing deps (#263201)
+	NOTE: are keeping the fix out of testing
 [11 Oct 2003] DSA-394 openssl095 - ASN.1 parsing vulnerability
 	{CAN-2003-0543 CAN-2003-0544 CAN-2003-0545}
 	- openssl 0.9.7c
@@ -1525,7 +1525,7 @@
 	- freesweep 0.88-4.1
 [26 Sep 2003] DSA-390 marbles - buffer overflow
 	{CAN-2003-0830}
-	NOTE not present in sid, sarge
+	NOTE: not present in sid, sarge
 [20 Sep 2003] DSA-389 ipmasq - insecure packet filtering rules
 	{CAN-2003-0785}
 	- ipmasq 3.5.12
@@ -1548,7 +1548,7 @@
 	{CAN-2003-0693}
 	{CAN-2003-0695}
 	{CAN-2003-0682}
-	HELP: Screwy changelog does not make sense. Filed bug.
+	TODO: Screwy changelog does not make sense. Filed bug.
 [16 Sep 2003] DSA-382 ssh - possible remote vulnerability
 	{CAN-2003-0693}
 	- openssh 1:3.6.1p2-6.0
@@ -1612,7 +1612,7 @@
 	- eroaster 2.2.0-0.5-1
 [05 Aug 2003] DSA-365 phpgroupware - several vulnerabilities
 	{CAN-2003-0504 CAN-2003-0599 CAN-2003-0657}
-	- phpgroupware 0.9.14.007-1)
+	- phpgroupware 0.9.14.007-1
 [04 Aug 2003] DSA-364 man-db - buffer overflows, arbitrary command execution
 	{CAN-2003-0620 CAN-2003-0645}
 	- man-db 2.4.1-13
@@ -1770,8 +1770,8 @@
 	NOTE: DSA contains some strange non-nethack version numbers
 [11 Jun 2003] DSA-315 gnocatan - buffer overflows, denial of service
 	{CAN-2003-0433}
-	HELP: no mention of any security fixes in debian changelog,
-        HELP: upstream changelog. Mailed maintainer.
+	TODO: no mention of any security fixes in debian changelog,
+        TODO: upstream changelog. Mailed maintainer.
 [11 Jun 2003] DSA-314 atftp - buffer overflow
 	{CAN-2003-0380}
 	- atftp 0.6.2
@@ -1809,7 +1809,7 @@
 	{CAN-2003-0073}
 	- mysql-dfsg 4.0.12-2
 	{CAN-2003-0150}
-	HELP: not sure if this is fixed
+	TODO: not sure if this is fixed
 [07 May 2003] DSA-302 fuzz - privilege escalation
 	{CAN-2003-0261}
 	- fuzz 0.6-7.1
@@ -2061,9 +2061,9 @@
 [09 Jan 2003] DSA-225 tomcat4 - source disclosure
 	{CAN-2002-1394}
 	! tomcat4 4.1.16-1
-	NOTE another RC (unreproducible?) bug and missing deps (#263201)
-	NOTE are keeping the fix out of testing
-	NOTE this is the second unfixed security hole in tomcat4 in testing..
+	NOTE: another RC (unreproducible?) bug and missing deps (#263201)
+	NOTE: are keeping the fix out of testing
+	NOTE: this is the second unfixed security hole in tomcat4 in testing..
 [08 Jan 2003] DSA-224 canna - buffer overflow and more
 	{CAN-2002-1158 CAN-2002-1159}
 	- canna 3.6p1-1
@@ -2182,20 +2182,20 @@
 	- apache 1.3.27-0.1
 	{CAN-2001-0131 CAN-2002-1233}
 	- apache 1.3.27-1
-	HELP: note sure about this
+	TODO: note sure about this
 	NOTE: I have mailed maintainers
 	{NO-CAN Several buffer overflows in ApacheBench}
-	HELP: I don't know about this
+	TODO: I don't know about this
 	NOTE: I have mailed maintainers
 [04 Nov 2002] DSA-187 apache - several vulnerabilities
 	{CAN-2002-0839 CAN-2002-0840 CAN-2002-0843}
 	- apache 1.3.27-0.1
 	{CAN-2001-0131 CAN-2002-1233}
 	- apache 1.3.27-1
-	HELP: note sure about this
+	TODO: note sure about this
 	NOTE: I have mailed maintainers
 	{NO-CAN Several buffer overflows in ApacheBench}
-	HELP: I don't know about this
+	TODO: I don't know about this
 	NOTE: I have mailed maintainers
 [01 Nov 2002] DSA-186 log2mail - buffer overflow
 	{CAN-2002-1251}


