Author: jmm-guest Date: 2005-10-18 09:23:49 +0000 (Tue, 18 Oct 2005) New Revision: 2440 Modified: data/CAN/list Log: gallery2 CANified, some nfus and minor updates Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-10-18 09:14:17 UTC (rev 2439) +++ data/CAN/list 2005-10-18 09:23:49 UTC (rev 2440) @@ -1,7 +1,7 @@ CAN-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...) - TODO: check + - gallery 2.0.1-1 (medium) CAN-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a ...) - TODO: check + NOT-FOR-US: Solaris CAN-2005-3249 RESERVED CAN-2005-3248 @@ -23,8 +23,9 @@ CAN-2005-3240 RESERVED CAN-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...) - TODO: check + NOT-FOR-US: Solaris CAN-2005-XXXX [local root via loadkeys] + NOTE: CVE assignment requested - linux-2.6 <unfixed> (bug #334113; medium) - kernel-source-2.4.27 <unfixed> (medium) CAN-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...) @@ -114,7 +115,6 @@ NOT-FOR-US: Planet Technology switch CAN-2005-3195 REJECTED - NOTE: This is a duplicate from CAN-2005-3178, will be rejected CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) NOT-FOR-US: ALZip CAN-2005-3193 @@ -149,8 +149,6 @@ - enigmail 2:0.93-1 (unknown) CAN-2005-XXXX [Unspecified vulnerability in zope''s docutils] - zope2.8 2.8.1-7 -CAN-2005-XXXX [gallery2: Information disclosure through missing input sanitising] - - gallery 2.0.1-1 (medium) CAN-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...) - wget 1.10.2-1 (medium) - curl 7.15.0-1 (bug #333734; medium)