Moritz Muehlenhoff
2005-May-29 13:55 UTC
[Secure-testing-commits] r1172 - sarge-checks/CAN
Author: jmm-guest
Date: 2005-05-29 13:55:40 +0000 (Sun, 29 May 2005)
New Revision: 1172
Modified:
sarge-checks/CAN/list
Log:
one new kernel issue and a bit of house keeping
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-05-29 13:40:42 UTC (rev 1171)
+++ sarge-checks/CAN/list 2005-05-29 13:55:40 UTC (rev 1172)
@@ -3290,7 +3290,7 @@
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- gzip 1.3.5-10
CAN-2005-0757 (The xattr file system code on Linux 2.4.x on 64-bit systems does
not ...)
- TODO: check
+ - kernel-source-2.4.27 (unfixed; bug filed)
CAN-2005-0756
NOTE: reserved
CAN-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix
Player ...)
@@ -5723,7 +5723,7 @@
CAN-2005-0135 (The unw_unwind_to_user function in unwind.c on Itanium (ia64)
...)
- kernel-source-2.6.8 2.6.8-14
CAN-2005-0134 (The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not
properly ...)
- TODO: check
+ NOTE: not-for-us (SCO UnixWare)
CAN-2004-1381 (Firefox before 1.0 and Mozilla before 1.7.5 allow inactive ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
@@ -5947,7 +5947,7 @@
CAN-2005-0041
NOTE: reserved
CAN-2005-0040 (Multiple cross-site scripting (XSS) vulnerabilities in
DotNetNuke ...)
- TODO: check
+ NOTE: not-for-us (DotNetNuke)
CAN-2005-0039 (Certain configurations of IPsec, when using Encapsulating
Security ...)
TODO: check
CAN-2005-0038
@@ -8117,7 +8117,7 @@
CAN-2004-0463
NOTE: reserved
CAN-2004-0462 (The built-in web servers for multiple networking devices do not
set ...)
- TODO: check
+ NOTE: not-for-us (Multiple embedded hardware vendors)
CAN-2004-0461 (The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13,
when ...)
NOTE: debian probably not vulnerable
- dhcp3 3.0.1
@@ -10397,7 +10397,7 @@
CAN-2003-0364 (The TCP/IP fragment reassembly handling in the Linux kernel 2.4
allows ...)
{DSA-442 DSA-336 DSA-332 DSA-311}
CAN-2003-0363 (Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly
other ...)
- TODO: check
+ - licq 1.2-7-1
CAN-2003-0362 (Buffer overflow in gPS before 0.10.2 may allow local users to
cause a ...)
{DSA-307}
CAN-2003-0361 (gPS before 1.1.0 does not properly follow the rgpsp connection
source ...)