Author: joeyh
Date: 2005-08-22 13:46:54 +0000 (Mon, 22 Aug 2005)
New Revision: 1624
Modified:
data/CAN/list
Log:
cupsys holes that only affect source package, not shipped debs
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-08-22 09:14:20 UTC (rev 1623)
+++ data/CAN/list 2005-08-22 13:46:54 UTC (rev 1624)
@@ -2435,6 +2435,8 @@
- xpdf 3.00-15 (bug #322462; low)
NOTE: tetex-bin not affected re bug #322467
- gpdf (unfixed; low)
+ NOTE: only affects source package, not used in binary
+ - cupsys (unfixed; bug #324464; low)
CAN-2005-2096 (Buffer overflow in zlib 1.2 and later versions allows remote
attackers ...)
{DSA-740-1}
NOTE: Several packages ship embedded copies of zlib, there are a lot probably
more
@@ -10021,6 +10023,8 @@
- pdftohtml 0.36-11
- kdegraphics 3.3.2-2
- tetex-bin 2.0.2-26
+ NOTE: only affects source package, not used in binary
+ - cupsys (unfixed; bug #324459; low)
CAN-2005-0063 (The document processing application used by the Windows Shell in
...)
NOTE: not-for-us (Microsoft)
CAN-2005-0062
@@ -11326,6 +11330,8 @@
CAN-2004-0888 (Multiple integer overflows in xpdf 2.0 and 3.0, and other
packages ...)
{DSA-599-1 DSA-581-1 DSA-573-1}
- koffice 1:1.3.4-1
+ NOTE: only affects source package, not used in binary
+ - cupsys (unfixed; bug #324460; low)
CAN-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not
properly ...)
NOTE: waldi provided this info
- linux-kernel-image-2.6.8-s390 2.6.8-3