Author: joeyh Date: 2005-05-10 04:37:59 +0000 (Tue, 10 May 2005) New Revision: 1028 Modified: sarge-checks/CAN/list Log: add more notes about sarge propigation Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-10 03:58:37 UTC (rev 1027) +++ sarge-checks/CAN/list 2005-05-10 04:37:59 UTC (rev 1028) @@ -5,6 +5,10 @@ - mailutils (unfixed; bug #308031) CAN-2005-XXXX [maradns: More frequent rekeying to mitigate possible AES attacks] - maradns 1.0.27-1 + NOTE: new upstream not suitable for testing. + NOTE: patch at http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch + NOTE: applies to verson in testing, pinged maintainer about a backport + - maradns (unfixed in testing; bug #307662) CAN-2005-XXXX [Temp file races in gs-gpl addons scripts] - gs-gpl (unfixed; bug #291373) CAN-2005-XXXX [Possible SQL injection in freeradius] @@ -59,6 +63,7 @@ NOTE: reserved CAN-2005-1453 (fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to ...) - leafnode 1.11.2.rel-1 + NOTE: not yet fixed in sarge, may need backport. CAN-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, ...) TODO: check CAN-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ...)