[Secure-testing-commits] r2060 - data/CAN

[Florian Weimer]

Author: fw
Date: 2005-09-21 03:50:51 +0000 (Wed, 21 Sep 2005)
New Revision: 2060

Modified:
   data/CAN/list
Log:
CAN-2005-2662 and CAN-2005-2663 have been disclosed.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-20 21:04:00 UTC (rev 2059)
+++ data/CAN/list	2005-09-21 03:50:51 UTC (rev 2060)
@@ -726,10 +726,12 @@
 	NOTE: not-for-us (elm-me+ is no longer in unstable or testing)
 CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...)
 	NOTE: not-for-us (Whisper)
-CAN-2005-2663
+CAN-2005-2663 [local file overwrite in masqmail, via a symlink attack]
 	NOTE: reserved
-CAN-2005-2662
+	- masqmail (unfixed; low; bug #329307)
+CAN-2005-2662 [shell command injection in masqmail via email addresses]
 	NOTE: reserved
+	- masqmail (unfixed; high; bug #329307)
 CAN-2005-2661
 	NOTE: reserved
 CAN-2005-2660