Secure testing commits - Sep 2005 - r1988 - data/CAN

Author: jmm-guest
Date: 2005-09-14 21:37:08 +0000 (Wed, 14 Sep 2005)
New Revision: 1988

Modified:
   data/CAN/list
Log:
new issues in py2play and mount from util-linux
older cups dos


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-09-14 21:26:09 UTC (rev 1987)
+++ data/CAN/list	2005-09-14 21:37:08 UTC (rev 1988)
@@ -1,11 +1,11 @@
 CAN-2005-2877
 	NOTE: reserved
 CAN-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2
allows ...)
-	TODO: check
+	- util-linux (unfixed; #328141; medium)
 CAN-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code
via ...)
-	TODO: check
+	- py2play (unfixed; bug #326976; medium)
 CAN-2005-2874 (The is_path_absolute function in scheduler/client.c for the
daemon in ...)
-	TODO: check
+	- cupsys 1.1.23-1 (unknown)
 CAN-2005-XXXX [snort vulnerable to DoS attack]
 	- snort (unfixed; bug #328134; low)
 CAN-2005-2871 (Buffer overflow in Mozilla Firefox 1.0.6 and earlier allows
remote ...)
@@ -15,8 +15,7 @@
 CAN-2005-XXXX [several buffer overflows in MS CHM library before version 0.36]
 	- chmlib 0.36-1 (bug #327431)
 CAN-2005-2802
-	NOTE: rejected
-	TODO: check
+	NOTE: rejected, initially ipt_recent related
 CAN-2005-2878 (Format string vulnerability in search.c in the imap4d server in
GNU ...)
 	- mailutils 1:0.6.90-3 (bug #327424; high)
 CAN-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows
...)
@@ -224,9 +223,9 @@
 CAN-2005-2769 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and
...)
 	- sqwebmail 0.47-9 (bug #327727; medium)
 CAN-2005-2768 (Heap-based buffer overflow in the Sophos Antivirus Library, as
used by ...)
-	TODO: check
+	NOTE: not-for-us (Sophos AntiVirus)
 CAN-2005-2767 (Buffer overflow in LeapFTP allows remote attackers to execute
...)
-	TODO: check
+	NOTE: not-for-us (LeapFTP)
 CAN-2005-XXXX [Four potentially DoS exploitable deadlocks and leaks in kernel
2.6]
 	- linux-2.6 2.6.12-6 (low)
 CAN-2005-2766 (Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and
possibly ...)