[Secure-testing-commits] r2116 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Sep 23 00:57:04 UTC 2005 

Author: jmm-guest
Date: 2005-09-23 00:57:01 +0000 (Fri, 23 Sep 2005)
New Revision: 2116

Modified:
   data/CAN/list
Log:
hiki CANified
mark one older bug as not-affected


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-23 00:27:48 UTC (rev 2115)
+++ data/CAN/list	2005-09-23 00:57:01 UTC (rev 2116)
@@ -601,7 +601,7 @@
 CAN-2005-2765 (The user interface in the Windows Firewall does not properly display ...)
 	NOTE: not-for-us (Microsoft Windows)
 CAN-2005-2764 (Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to ...)
-	TODO: check
+	NOTE: not-for-us (OpenTTD)
 CAN-2005-2763 (Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow ...)
 	NOTE: not-for-us (OpenTTD)
 CAN-2005-2762
@@ -2027,8 +2027,6 @@
 	NOTE: This is fixed in zlib 1.2.3, we could check if other apps embedding
 	NOTE: zlib 1.2 are affected as well
 	- rsync 2.6.6-1 (low)
-CAN-2005-XXXX [Unspecified XSS in hiki]
-	- hiki 0.8.2-1
 CAN-2005-2404 (SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows ...)
 	NOTE: not-for-us (Sendcard)
 CAN-2005-2403 (The login protocol in RealChat 3.5.1b does not use authentication, ...)
@@ -2161,7 +2159,7 @@
 CAN-2005-2337
 	NOTE: reserved
 CAN-2005-2336 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows ...)
-	TODO: check
+	- hiki 0.8.2-1
 CAN-2005-2334 (Y.SAK allows remote attackers to execute arbitrary commands via shell ...)
 	NOTE: not-for-us (Y.SAK)
 CAN-2005-2333 (Cross-site scripting (XSS) vulnerability in smilies_popup.php in ...)
@@ -6427,7 +6425,7 @@
 CAN-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files by ...)
 	NOTE: not-for-us (Musicqueue)
 CAN-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red Hat ...)
-	NOTE: not-for-us (Red Hat specific)
+	- apache2 not-affected (Red Hat specific default config)
 CAN-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to ...)
 	NOTE: not-for-us (sh-httpd)
 CAN-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook ...)

More information about the Secure-testing-commits mailing list