Florian Weimer
2005-Sep-18 13:14 UTC
[Secure-testing-commits] r2039 - in data: CAN CVE DSA
Author: fw Date: 2005-09-18 13:13:29 +0000 (Sun, 18 Sep 2005) New Revision: 2039 Modified: data/CAN/list data/CVE/list data/DSA/list Log: More data gathered on bugs-dist. Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-18 10:25:05 UTC (rev 2038) +++ data/CAN/list 2005-09-18 13:13:29 UTC (rev 2039) @@ -1,3 +1,5 @@ +CAN-2005-XXXX [user password file created by gajim is world-redable] + - gajim 0.8.2-1 (bug #325080; low) CAN-2005-XXXX [mkzopeinstance.py creates world-readable inituser file] - zope2.7 (unfixed; bug #313644; low) NOTE: first patch was incorrect @@ -554,7 +556,8 @@ CAN-2005-2643 (Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and ...) - tor 0.1.0.14-1 (medium) CAN-2005-2642 (Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt ...) - NOTE: not-for-us (doesn''t affect Debian) + - mutt (unfixed; bug #323956) + NOTE: Status is not clear; upstream is unresponsive. CAN-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly handle ...) {DSA-785-1} - libpam-ldap 178-1sarge1 (bug #324899; unknown) @@ -1505,10 +1508,10 @@ - tutos 1.1.20031017-2.1 (medium) CAN-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows ...) {DTSA-13-1} - - evolution 2.2.3-2etch1 (high) + - evolution 2.2.3-2etch1 (high; bug #322535) CAN-2005-2549 (Multiple format string vulnerabilities in Evolution 1.5 through ...) {DTSA-13-1} - - evolution 2.2.3-2etch1 (high) + - evolution 2.2.3-2etch1 (high; bug #322535) end claimed by neilm CAN-2005-XXXX [libnet-ssleay-perl: /tmp/entropy insecure] - libnet-ssleay-perl 1.25-1.1 (bug #296112; low) 
@@ -1875,10 +1878,10 @@ NOTE: not-for-us (Microsoft) CAN-2005-2302 (PowerDNS before 2.9.18, when allowing recursion to a restricted range ...) {DSA-771-1} - - pdns 2.9.18-1 (medium) + - pdns 2.9.18-1 (medium; bug #318798) CAN-2005-2301 (PowerDNS before 2.9.18, when running with an LDAP backend, does not ...) {DSA-771-1} - - pdns 2.9.18-1 (medium) + - pdns 2.9.18-1 (medium; bug #318798 CAN-2005-2300 (Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary ...) NOTE: not-for-us (Skype) CAN-2005-2299 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Message ...) @@ -2097,6 +2100,7 @@ {DSA-774-1} NOTE: previous fix in -15 was broken - fetchmail 6.2.5-16 (bug #320357; medium) + NOTE: woody is not affected according to the bug report. CAN-2005-2320 (WebCalendar before 1.0.0 does not properly restrict access to ...) {DSA-766-1} - webcalender (unfixed; bug #315671; medium) @@ -2602,7 +2606,8 @@ {DSA-761-2} - heartbeat 1.2.3-12 (medium) CAN-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the ...) - - elmo 1.3.0-1.1 (bug #318291; medium) + - elmo (unfixed; bug #318291; medium) + NOTE: upload to unstable still hasn''t occurred (2005-09-18) CAN-2005-2229 (Blog Torrent 0.92 and earlier stores sensitive files under the web ...) NOTE: not-for-us (Blog Torrent) CAN-2005-2228 (Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message ...) @@ -4158,7 +4163,7 @@ NOTE: reserved CAN-2005-1923 (The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, ...) {DSA-737-1 DTSA-3-1} - - clamav 0.86.1 (bug #316401; medium) + - clamav 0.86.1 (bug #316401; bug #316462; medium) CAN-2005-1922 (The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 ...) {DSA-737-1 DTSA-3-1} - clamav 0.86.1-1 (low) 
@@ -4172,7 +4177,7 @@ - egroupware 1.0.0.007-3.dfsg-1 (high) - phpwiki 1.3.7-4 (high) NOTE: ewiki does not seem vulnerable (no eval, different code base) - - php4 4.3.10-16etch1 (high) + - php4 4.3.10-16etch1 (high; bug #316447) NOTE: horde3 is not affected by this issue, they ship different XMLRPC code CAN-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through ...) {DSA-804-1} @@ -7838,7 +7843,7 @@ CAN-2005-0826 (OllyDbg 1.10 and earlier allows remote attackers to cause a denial of ...) NOTE: not-for-us (OllyDbg MS Windows debugger) CAN-2005-0825 (Buffer overflow in LTris before 1.0.10 allows local users to execute ...) - - ltris 1.0.6-1.1 + - ltris 1.0.6-1.1 (bug #291620) CAN-2005-0824 (The internal_dump function in Mathopd before 1.5p5, and 1.6x before ...) - mathopd 1.5p5-1 CAN-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root ...) @@ -9032,6 +9037,8 @@ NOTE: hard disc, well than you have "DoSed" yourself, congratulations. NOTE: It''s reproducable with 1.0.2, but I doubt it will ever be "fixed", as HTML parsers NOTE: generally try to make sense of anything even remotely resembling HTML. + TODO: This is still a bug (maybe not a security one) + TODO: and needs fixing. (IMHO, fw) CAN-2004-1638 (Buffer overflow in MailCarrier 2.51 allows remote attackers to execute ...) NOTE: not-for-us (mailcarrier) CAN-2004-1637 (The Hawking Technologies HAR11A modem/router allows remote attackers ...) @@ -9658,7 +9665,8 @@ NOTE: checked inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped NOTE: atftp checks h_length NOTE: netkit-tftp not vulnerable - - tftpd-hpa (unfixed; bug #295297; low) + - tftpd-hpa (unfixed; bug #295297; unimportant) + NOTE: The address length comes from libc, not the network. CAN-2004-1484 (Format string vulnerability in the _msg function in error.c in socat ...) - socat 1.4.0.3-1 CAN-2004-1483 (Multiple unknown vulnerabilities in the ActiveX and HTML file browsers ...) 
@@ -11651,7 +11659,7 @@ NOTE: reserved CAN-2004-0996 (main.c in cscope 15-4 and 15-5 creates temporary files with ...) {DSA-610-1} - - cscope 15.5-1.1 + - cscope 15.5-1.1 (bug #282815) NOTE: Patch in debian bts from ubuntu is good. All other patches are crap. CAN-2004-0995 NOTE: reserved @@ -12097,6 +12105,7 @@ NOTE: fixed in 2.6.8, does not affect 2.4 per dannf''s notes CAN-2004-0815 (The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ...) {DSA-600-1} + - samba 3.0.6-1 (bug #274342) CAN-2004-0814 (Multiple race conditions in the terminal layer in Linux 2.4.x, and ...) - kernel-source-2.6.8 2.6.8-8 - kernel-source-2.4.27 2.4.27-7 @@ -17685,6 +17694,9 @@ CAN-2001-0737 (A long ''synch'' delay in Logitech wireless mice and keyboard receivers ...) CAN-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, ...) CAN-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ...) + - cfingerd 1.4.3-1.1 (bug #104394) + NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates + NOTE: its changes. CAN-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local ...) CAN-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...) CAN-2001-0725 Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-09-18 10:25:05 UTC (rev 2038) +++ data/CVE/list 2005-09-18 13:13:29 UTC (rev 2039) @@ -1173,6 +1173,7 @@ NOTE: kernel netfilter bug, not in user space NOTE: this is fixed in kernel 2.4.20 TODO: check + - kernel-image-2.4.18-i386 (bug #152152; unimportant) CVE-2002-0703 - perl 5.8.0-7 NOTE: woody seems to be vulnerable, bug #282527 Modified: data/DSA/list ==================================================================--- data/DSA/list 2005-09-18 10:25:05 UTC (rev 2038) +++ data/DSA/list 2005-09-18 13:13:29 UTC (rev 2039) 
@@ -1676,7 +1676,7 @@ - gallery 1.3.4-3 [29 Jul 2003] DSA-354 xconq - buffer overflows {CAN-2003-0607} - - xconq 7.4.1-2.1 + - xconq 7.4.1-2.1 (bug #202963) [29 Jul 2003] DSA-353 sup - insecure temporary file {CAN-2003-0606} - sup 1.8-9
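Review bot: the description on the added gajim entry in the data/CAN/list hunk at @@ -1,3 +1,5 @@ is misspelled as "world-redable". It should read "world-readable", as in the mkzopeinstance.py entry directly below it, so that a text search for the term finds both entries.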
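Review bot: the added mutt line for CAN-2005-2642 in the data/CAN/list hunk at @@ -554,7 +556,8 @@ has no urgency: "- mutt (unfixed; bug #323956)". The other unfixed entries touched by this patch (zope2.7, elmo, tftpd-hpa) each carry one. Since the NOTE says the status is not clear, consider rating it "unknown", as the libpam-ldap entry in the same hunk does, so the entry is not left unrated.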
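Review bot: the added pdns line for CAN-2005-2301 in the data/CAN/list hunk at @@ -1875,10 +1878,10 @@ is missing its closing parenthesis: "- pdns 2.9.18-1 (medium; bug #318798". The CAN-2005-2302 line just above it in the same hunk is closed correctly. Add the ")" so that anything parsing the annotation sees the same urgency and bug number for both entries.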
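Review bot: the NOTE added under CAN-2001-0735 in the data/CAN/list hunk at @@ -17685,6 +17694,9 @@ names 1.4.3-1.2 twice, so as written it says that version is not in the PTS but incorporates its own changes. The entry line above it lists 1.4.3-1.1 as the version. If the NOTE means that 1.4.3-1.1 is the version missing from the PTS, the first number should be 1.4.3-1.1. Otherwise please reword the NOTE so it is clear which version carries the fix.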
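Review bot: the "TODO: check" line directly above the added kernel-image-2.4.18-i386 entry in the data/CVE/list hunk at @@ -1173,6 +1173,7 @@ is left in place. If the new entry with bug #152152 is the result of that check, remove the TODO in the same commit. If it is not, a NOTE saying what still needs checking would help. The new line also has neither a version nor "unfixed" before the parenthesis, unlike the other package lines in this patch, so the entry does not say which state the package is in.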