Author: jmm-guest Date: 2005-07-21 07:53:26 +0000 (Thu, 21 Jul 2005) New Revision: 1448 Modified: data/CAN/list Log: two new issues: freebsd and gopher Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-21 07:38:21 UTC (rev 1447) +++ data/CAN/list 2005-07-21 07:53:26 UTC (rev 1448) @@ -1,3 +1,5 @@ +CAN-2005-XXXX [Insecure temp usage in gopher] + - gopher 3.0.8 (low) CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions] NOTE: This doesn''t look like a real security issue as cron.daily should only be NOTE: writable by root, but lets include it as the maintainer considers it an issue @@ -498,8 +500,9 @@ NOTE: not-for-us (Dragonfly) CAN-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...) NOTE: not-for-us (Hosting Controller) -CAN-2005-2218 +CAN-2005-2218 [freebsd: Weak permissions permit exposal of devfs nodes in jails] NOTE: reserved + - kfreebsd5-source 5.3-17 (medium) CAN-2005-2217 (Dansie Shopping Cart stores the vars.dat file under the web root with ...) NOTE: not-for-us (Dansie Shopping Cart CAN-2005-2216 (PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo ...)