[Secure-testing-commits] r2230 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Sep 29 15:59:24 UTC 2005


Author: jmm-guest
Date: 2005-09-29 15:59:21 +0000 (Thu, 29 Sep 2005)
New Revision: 2230

Modified:
   data/CAN/list
Log:
eric, thunderbird, gtkdiskfree and cpio fixed


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-29 15:50:01 UTC (rev 2229)
+++ data/CAN/list	2005-09-29 15:59:21 UTC (rev 2230)
@@ -85,7 +85,7 @@
 CAN-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to ...)
 	- hylafax 1:4.2.2+rc1 (bug #329384; low)
 CAN-2005-3068 (Unspecified vulnerability in Eric Integrated Development Environment ...)
-	- eric <unfixed> (bug #330608; unknown)
+	- eric 3.7.2-1 (bug #330608; unknown)
 CAN-2005-3067 (Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver ...)
 	NOT-FOR-US: PerlDiver
 CAN-2005-3066 (Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver ...)
@@ -128,7 +128,7 @@
 CAN-2005-3057
 	RESERVED
 CAN-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution ]
-	- twiki <unfixed> (bug #; high
+	- twiki <unfixed> (bug #; high)
 	RESERVED
 CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial ...)
 	- linux-2.6 <unfixed> (bug #330343; bug #330287; medium)
@@ -336,7 +336,7 @@
 CAN-2005-2968 (Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary ...)
 	- mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper script)
 	- mozilla <not-affected> (Debian ships a non-vulnerable wrapper script)
-	- mozilla-thunderbird <unfixed> (bug #329667; bug #329664; high)
+	- mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high)
 CAN-2005-2967
 	RESERVED
 CAN-2005-2966
@@ -532,7 +532,7 @@
 	{DTSA-19-1}
 	- clamav 0.87-1 (bug #328660; medium)
 CAN-2005-2918 (The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and ...)
-	- gtkdiskfree (bug #328566; low)
+	- gtkdiskfree 1.9.3-4sarge1 (bug #328566; low)
 CAN-2005-3044 (Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local ...)
 	TODO: Pinged Horms for 2.4
 	- linux-2.6 2.6.12-7 (medium)
@@ -883,7 +883,7 @@
 	RESERVED
 CAN-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer 10 ...)
 	NOTE: see  http://www.open-security.org/advisories/13
-	- helix-player <unfixed> (bug #330364; high)
+	- helix-player 1.0.6-1 (bug #330364; high)
 CAN-2005-2709
 	RESERVED
 CAN-2005-2708
@@ -7179,7 +7179,7 @@
 CAN-2005-1230 (Directory traversal vulnerability in Yawcam 0.2.5 allows remote ...)
 	NOT-FOR-US: Yawcan
 CAN-2005-1229 (Directory traversal vulnerability in cpio 2.6 and earlier allows ...)
-	- cpio <unfixed> (bug #306693; medium)
+	- cpio 2.6-6 (bug #306693; medium)
 CAN-2005-1228 (Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through ...)
 	{DSA-752-1}
 	- gzip 1.3.5-10
@@ -7582,7 +7582,7 @@
 CAN-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing the ...)
 	NOT-FOR-US: IBM Websphere
 CAN-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to modify ...)
-	- cpio <unfixed> (bug #305372; low)
+	- cpio 2.6-6 (bug #305372; low)
 CAN-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente function in ...)
 	NOT-FOR-US: Sumus web server
 CAN-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote ...)




More information about the Secure-testing-commits mailing list