[Secure-testing-commits] r1931 - in data: CAN DSA

Florian Weimer fw at costa.debian.org
Mon Sep 12 15:29:06 UTC 2005 

Author: fw
Date: 2005-09-12 15:29:00 +0000 (Mon, 12 Sep 2005)
New Revision: 1931

Modified:
   data/CAN/list
   data/DSA/list
Log:
Fix duplicate cross references.

In DSA-187 and DSA-188, the advisory lists the ab issue twice.
Probably an error in the advisory.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-12 14:30:24 UTC (rev 1930)
+++ data/CAN/list	2005-09-12 15:29:00 UTC (rev 1931)
@@ -3647,7 +3647,7 @@
 CAN-2005-1994 (Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download ...)
 	NOTE: not-for-us (Finjan SurfinGate)
 CAN-2005-1993 (Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL ...)
-	{DSA-735-2 DSA-735-2 DSA-735-1}
+	{DSA-735-2 DSA-735-1}
 	- sudo 1.6.8p9-1 (medium)
 CAN-2005-1992 (The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets ...)
 	{DSA-748-1}
@@ -9184,12 +9184,12 @@
 CAN-2005-0470 (Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers ...)
 	- wpasupplicant 0.3.8-1
 CAN-2005-0469 (Buffer overflow in the slc_add_reply function in various BSD-based ...)
-	{DSA-765-1 DSA-703-1 DSA-699-1 DSA-697-1}
+	{DSA-765-1 DSA-731-1 DSA-703-1 DSA-699-1 DSA-697-1}
 	- krb4 1.2.2-11.2
 	- krb5 1.3.6-2
 	- heimdal 0.6.3-10
 CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...)
-	{DSA-731-1 DSA-731-1 DSA-703-1}
+	{DSA-731-1 DSA-703-1}
 	- krb5 1.3.6-2
 	- krb4 1.2.2-11.2
 	TODO: check netkit-telnet, netkit-telnet-ssl
@@ -11574,7 +11574,7 @@
 CAN-2004-0995
 	NOTE: reserved
 CAN-2004-0994 (Multiple integer overflows in xzgv 0.8 and earlier allow remote ...)
-	{DSA-614-1 DSA-614-1}
+	{DSA-614-1}
 	NOTE: only indication that it's this CAN is in the debian package changelog
 	- xzgv 0.8-3
 CAN-2004-0993 (Buffer overflow in hpsockd before 0.6 allows remote attackers to cause ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2005-09-12 14:30:24 UTC (rev 1930)
+++ data/DSA/list	2005-09-12 15:29:00 UTC (rev 1931)
@@ -324,7 +324,7 @@
         - mailutils 0.6.1-4
 	NOTE: fixed in testing at time of DSA
 [02 Jun 2005] DSA-731-1 krb4 - buffer overflows
-	{CAN-2005-0468 CAN-2005-0468}
+	{CAN-2005-0468 CAN-2005-0469}
 	- krb4 1.2.2-11.2
 	NOTE: fixed in testing at time of DSA
 [27 May 2005] DSA-730-1 bzip2 - race condition
@@ -2176,21 +2176,15 @@
 	- apache 1.3.27-0.1
 	{CAN-2001-0131 CAN-2002-1233}
 	- apache 1.3.27-1
-	TODO: note sure about this
-	NOTE: I have mailed maintainers
-	{CAN-2002-0843}
-	TODO: I don't know about this
-	NOTE: I have mailed maintainers
+	TODO: CAN-2002-0843 appears to be listed twice in this DSA
+	TODO: (once with NO-CAN)
 [04 Nov 2002] DSA-187 apache - several vulnerabilities
 	{CAN-2002-0839 CAN-2002-0840 CAN-2002-0843}
 	- apache 1.3.27-0.1
 	{CAN-2001-0131 CAN-2002-1233}
 	- apache 1.3.27-1
-	TODO: note sure about this
-	NOTE: I have mailed maintainers
-	{CAN-2002-0843}
-	TODO: I don't know about this
-	NOTE: I have mailed maintainers
+	TODO: CAN-2002-0843 appears to be listed twice in this DSA
+	TODO: (once with NO-CAN)
 [01 Nov 2002] DSA-186 log2mail - buffer overflow
 	{CAN-2002-1251}
 	- log2mail 0.2.6-1

More information about the Secure-testing-commits mailing list