[Secure-testing-commits] r2119 - in data: CAN CVE DSA packages

Florian Weimer fw at costa.debian.org
Fri Sep 23 08:14:55 UTC 2005


Author: fw
Date: 2005-09-23 08:14:51 +0000 (Fri, 23 Sep 2005)
New Revision: 2119

Modified:
   data/CAN/list
   data/CVE/list
   data/DSA/list
   data/packages/removed-packages
Log:
Resolve more unknown packages.  Leave the kernel packages untouched
because I'm not sure about them.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-23 07:55:31 UTC (rev 2118)
+++ data/CAN/list	2005-09-23 08:14:51 UTC (rev 2119)
@@ -1257,12 +1257,12 @@
 	NOTE: not-for-us (XMB Forum)
 CAN-2005-2573 (The mysql_create_function function in sql_udf.cc for MySQL 4.0 before ...)
 	- mysql not-affected (Windows specific mysql holes)
-	- mysql-4.1 not-affected (Windows specific mysql holes)
-	- mysql-5.0 not-affected (Windows specific mysql holes)
+	- mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
+	- mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
 CAN-2005-2572 (MySQL, when running on Windows, allows remote authenticated users with ...)
 	- mysql not-affected (Windows specific mysql holes)
-	- mysql-4.1 not-affected (Windows specific mysql holes)
-	- mysql-5.0 not-affected (Windows specific mysql holes)
+	- mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
+	- mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
 CAN-2005-2571 (FunkBoard 0.66CF, and possibly earlier versions, does not properly ...)
 	NOTE: not-for-us (FunkBoard)
 CAN-2005-2570 (FunkBoard 0.66CF, and possibly earlier versions, allows remote ...)
@@ -11263,7 +11263,7 @@
 	NOTE: not-for-us (MSIE)
 CAN-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu ...)
 	{DSA-627-1}
-	- namuzu2 2.0.14
+	- namazu2 2.0.14
 CAN-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, ...)
 	NOTE: apparently only affects netcat in windows
 CAN-2004-1316 (Heap-based buffer overflow in MSG_UnEscapeSearchUrl in ...)
@@ -11938,7 +11938,7 @@
 CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
 	{DSA-628-1 DSA-618-1}
 	- imlib 1.9.14-17.1
-	- imlib-png2 1.9.14-16.1
+	- imlib+png2 1.9.14-16.1
 	- imlib2 1.1.2-2.1
 CAN-2004-1025 (Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, ...)
 	{DSA-618-1}

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-09-23 07:55:31 UTC (rev 2118)
+++ data/CVE/list	2005-09-23 08:14:51 UTC (rev 2119)
@@ -801,7 +801,7 @@
 CVE-2002-1153
 	NOTE: not-for-us (IBM Websphere)
 CVE-2002-1152
-	- konqeror 3.03
+	- konqueror 3.03
 CVE-2002-1151
 	{DSA-167}
 CVE-2002-1148

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2005-09-23 07:55:31 UTC (rev 2118)
+++ data/DSA/list	2005-09-23 08:14:51 UTC (rev 2119)
@@ -40,7 +40,7 @@
 	NOTE: not fixed in testing at time of DSA (too young)
 [12 Sep 2005] DSA-808-1 tdiary - design error
 	{CAN-2005-2411}
-	- tdairy 2.0.2-1 (medium)
+	- tdiary 2.0.2-1 (medium)
 	NOTE: fixed in testing at time of DSA
 [12 Sep 2005] DSA-807-1 libapache-mod-ssl - acl restriction bypass
 	{CAN-2005-2700}
@@ -831,7 +831,7 @@
 [24 Dec 2004] DSA-618-1 imlib - buffer overflows, integer overflows
 	{CAN-2004-1025 CAN-2004-1026}
 	- imlib 1.9.14-17.1
-	- imlib-png2 1.9.14-16.1
+	- imlib+png2 1.9.14-16.1
 [24 Dec 2004] DSA-617-1 libtiff - insufficient input validation
 	{CAN-2004-1308}
 	- libtiff4 3.6.1-4
@@ -998,7 +998,6 @@
 [15 Oct 2004] DSA-567-1 tiff - heap overflows
 	{CAN-2004-0803 CAN-2004-0804 CAN-2004-0886}
 	- tiff 3.6.1-2
-	- tiff3g 3.6.1-2
 [14 Oct 2004] DSA-566-1 cupsys - unsanitised input
 	{CAN-2004-0923}
 	- cupsys 1.1.20final+rc1-9
@@ -1062,9 +1061,9 @@
 	{CAN-2004-0817}
 	- imlib 1.9.14-17
 	- imlib+png2 1.9.14-16.2
-[16 Sep 2004] DSA-547-1 imagemagic - buffer overflows
+[16 Sep 2004] DSA-547-1 imagemagick - buffer overflows
 	{CAN-2004-0827}
-	- imagemagic 6.0.6.2-1
+	- imagemagick 6.0.6.2-1
 [16 Sep 2004] DSA-546-1 gdk-pixbuf - multiple holes
 	{CAN-2004-0753 CAN-2004-0782 CAN-2004-0788}
 	- gdk-pixbuf 0.22.0-7
@@ -1255,7 +1254,7 @@
 	- logcheck 1.1.1-13.2
 [16 Apr 2004] DSA-487 neon - format string
 	{CAN-2004-0179}
-	- newo 0.24.5-1
+	- neon 0.24.5-1
 [16 Apr 2004] DSA-486 cvs - several vulnerabilities
 	{CAN-2004-0180 CAN-2004-0405}
 	- cvs 1:1.12.5-4
@@ -1860,10 +1859,10 @@
 	- libgtop 1.0.13-4
 [06 May 2003] DSA-300 balsa - buffer overflow
 	{CAN-2003-0167}
-	- balse 2.0.10
+	- balsa 2.0.10
 [06 May 2003] DSA-299 leksbot - improper setuid-root execution
 	{CAN-2003-0262}
-	- lexbot 1.2-5
+	- leksbot 1.2-5
 [02 May 2003] DSA-298 epic4 - buffer overflows
 	{CAN-2003-0323}
 	- epic4 1:1.1.11.20030409-1
@@ -2206,7 +2205,7 @@
 	- masqmail 0.2.15-1
 [11 Nov 2002] DSA-193 kdenetwork - buffer overflow
 	{CAN-2002-1247}
-	- kdenetwok 2.2.2-14.3
+	- kdenetwork 2.2.2-14.3
 [08 Nov 2002] DSA-192 html2ps - arbitrary code execution
 	{CAN-2002-1275}
 	- html2ps 1.0b3-2

Modified: data/packages/removed-packages
===================================================================
--- data/packages/removed-packages	2005-09-23 07:55:31 UTC (rev 2118)
+++ data/packages/removed-packages	2005-09-23 08:14:51 UTC (rev 2119)
@@ -1,5 +1,6 @@
 # This file lists packages which are no longer present in the Debian
 # archive, one per line.
 
+netjuke
 openwebmail
 xerces24




More information about the Secure-testing-commits mailing list