Author: joeyh
Date: 2005-10-10 09:14:33 +0000 (Mon, 10 Oct 2005)
New Revision: 2378
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-10-10 08:17:25 UTC (rev 2377)
+++ data/CAN/list 2005-10-10 09:14:33 UTC (rev 2378)
@@ -73,6 +73,7 @@
CAN-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows
...)
- blender <unfixed> (bug #332313; low)
CAN-2005-3150 (Format string vulnerability in the Log_Flush function in Weex
2.6.1.5, ...)
+ {DSA-855-1}
- weex 2.6.1-6sarge1 (bug #332424; medium)
CAN-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly
...)
- uim <unfixed> (bug #331620; medium)
@@ -618,6 +619,7 @@
- xine-lib <unfixed> (bug #332919; medium)
CAN-2005-2965 [Insecure temp files in graphviz]
RESERVED
+ {DSA-857-1}
- graphviz 2.2.1-1sarge1 (low)
CAN-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows
attackers ...)
- abiword 2.2.10-1 (bug #329839; medium)
@@ -827,6 +829,7 @@
- util-linux 2.12p-8 (bug #328141; bug #329063; medium)
- loop-aes-utils 2.12p-9 (bug #328626; medium)
CAN-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code
via ...)
+ {DSA-856-1}
- py2play 0.1.8-1 (bug #326976; medium)
- slune 1.0.10-1 (bug #326976; medium)
NOTE: slune had to be adapted to internal py2play changes in order to avoid
breakage
@@ -7414,6 +7417,7 @@
NOTE: someone into using a maliciously crafted certificate revocation list
- apache2 2.0.54-5 (bug #320048; bug #320063; low)
CAN-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly
handle ...)
+ {DSA-854-1}
- tcpdump 3.9.0.cvs.20050614-1 (medium)
CAN-2005-1266 (Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote
attackers to ...)
{DSA-736-2 DSA-736-1}