Moritz Muehlenhoff
2005-May-06 14:44 UTC
[Secure-testing-commits] r1012 - sarge-checks/CAN
Author: jmm-guest Date: 2005-05-06 14:44:13 +0000 (Fri, 06 May 2005) New Revision: 1012 Modified: sarge-checks/CAN/list Log: More unfixed security issues from the BTS. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-06 14:29:40 UTC (rev 1011) +++ sarge-checks/CAN/list 2005-05-06 14:44:13 UTC (rev 1012) @@ -1,3 +1,15 @@ +CAN-2005-XXXX [Temp file races in gs-gpl addons scripts] + - gs-gpl (unfixed; bug #291373) +CAN-2005-XXXX [Possible SQL injection in freeradius] + - freeradius (unfixed; bug #307720) +CAN-2005-XXXX [Insecure temp file handling in Thunderbird] + - mozilla-thunderbird (unfixed; bug #306893) +CAN-2005-XXXX [Directory traversal in unzoo] + - unzoo (unfixed; bug #306164) +CAN-2005-XXXX [base-config: World readable config file might reveal password data] + - base-config (unfixed; bug #305142) +CAN-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng] + - syslog-ng (unfixed; bug #304894) CAN-2005-XXXX [tracksballs: Missing checks for symlinks when writing to predictable file names] - trackballs (unfixed; bug #302454) CAN-2005-XXXX [Less secure default setting in pwgen or the lack documentation about it]