[Secure-testing-commits] r2227 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Sep 29 14:06:31 UTC 2005
Author: jmm-guest
Date: 2005-09-29 14:06:27 +0000 (Thu, 29 Sep 2005)
New Revision: 2227
Modified:
data/CAN/list
Log:
bugnums + fprobe-ng issue from the BTS
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-09-29 13:41:01 UTC (rev 2226)
+++ data/CAN/list 2005-09-29 14:06:27 UTC (rev 2227)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [fprobe-ng: Insecure default hash]
+ - fprobe-ng <unfixed> (bug #322699; low)
CAN-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...)
NOT-FOR-US: Movable Type
CAN-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 ...)
@@ -26,9 +28,9 @@
CAN-2005-3092 (Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 ...)
NOT-FOR-US: Image-Line Software FL Studio
CAN-2005-3091 (Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 ...)
- - mantis <unfixed> (bug filed; unknown)
+ - mantis <unfixed> (bug #330682; unknown)
CAN-2005-3090 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php ...)
- - mantis <unfixed> (bug filed; unknown)
+ - mantis <unfixed> (bug #330682; unknown)
CAN-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service (crash) ...)
TODO: file a bug, it's not really clear, whether this has security implications
CAN-2005-3088
@@ -3526,7 +3528,7 @@
- ia32-libs <unfixed> (bug #317971; medium)
NOTE: dar-static claimed not used on untrusted input by maintainer in #317989
- bacula 1.36.3-2 (medium)
- - sash 3.7-6 (medium)
+ - sash 3.7-6 (bug #318246; medium)
- libphysfs-1.0-0 1.0.0-5 (medium)
- oops <unfixed> (bug #318097; medium)
- rpm 4.0.4-31.1 (bug #318099; medium)
More information about the Secure-testing-commits
mailing list