Joey Hess
2005-Mar-16 23:46 UTC
[Secure-testing-commits] r566 - in sarge-checks: CAN CVE DSA
Author: joeyh
Date: 2005-03-17 00:45:56 +0100 (Thu, 17 Mar 2005)
New Revision: 566
Modified:
sarge-checks/CAN/list
sarge-checks/CVE/list
sarge-checks/DSA/list
Log:
updates and corrections
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-03-16 15:38:19 UTC (rev 565)
+++ sarge-checks/CAN/list 2005-03-16 23:45:56 UTC (rev 566)
@@ -169,7 +169,7 @@
CAN-2002-1593 (mod_dav in Apache before 2.0.42 does not properly handle
versioning ...)
- apache2 2.0.42
CAN-2002-1592 (The ap_log_rerror function in Apache 2.0 through 2.035, when a
CGI ...)
- - apache2 2.036
+ - apache2 2.0.36
CAN-2002-1591 (AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the
Trusted ...)
NOTE: not-for-us (AIM in MSIE)
CAN-2005-0707 (Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch
...)
@@ -291,7 +291,7 @@
CAN-2005-0674 (Cross-site scripting (XSS) vulnerability in the News module for
paBox ...)
NOTE: not-for-us (Pabox for PHPNuke not in Debian)
CAN-2005-0673 (Cross-site scripting (XSS) vulnerability in usercp_register.php
for ...)
- - phpbb2 (unfixed; bug #298690)
+ - phpbb2 2.0.13-2
CAN-2005-0672 (Carsten''s 3D Engine (Ca3DE), March 2004 version and
earlier, allows ...)
NOTE: not-for-us (Ca3DE)
CAN-2005-0671 (Format string vulnerability in Carsten''s 3D Engine
(Ca3DE), March 2004 ...)
@@ -364,7 +364,7 @@
NOTE: Tavis Ormandy about this. -- Djoume
CAN-2005-0638 (xloadimage before 4.1-r2, and xli before 1.17, allows attackers
to ...)
- xli (unfixed; bug #298039)
- - xloadimage (unfixed; bug #298926)
+ - xloadimage 4.1-14.1
CAN-2005-0637 (The copy functions in locore.s in OpenBSD 3.5 and 3.6 may allow
...)
NOTE: not-for-us (OpenBSD)
CAN-2005-0636 (Format string vulnerability in Foxmail Server 2.0 allows remote
...)
@@ -1431,7 +1431,7 @@
NOTE: reserved
CAN-2005-0398
NOTE: reserved
- - racoon (unfixed; bug #299716)
+ - racoon 1:0.5-5
CAN-2005-0397 (Format string vulnerability in ImageMagick before 6.0.2.5 allows
...)
- imagemagick 6:6.0.6.2-2.2
CAN-2005-0396
Modified: sarge-checks/CVE/list
==================================================================---
sarge-checks/CVE/list 2005-03-16 15:38:19 UTC (rev 565)
+++ sarge-checks/CVE/list 2005-03-16 23:45:56 UTC (rev 566)
@@ -543,7 +543,7 @@
- flashplugin-nonfree 6.0.69-1
CVE-2002-1381
- exim4 4.11-0.0.1
- - exim (unfixed; bug #171774)
+ - exim 3.36-14
CVE-2002-1380
{DSA-336}
- kernel-source-2.2.25
Modified: sarge-checks/DSA/list
==================================================================---
sarge-checks/DSA/list 2005-03-16 15:38:19 UTC (rev 565)
+++ sarge-checks/DSA/list 2005-03-16 23:45:56 UTC (rev 566)
@@ -1,6 +1,6 @@
[14 Mar 2005] DSA-693-1 luxman - buffer overflow
{CAN-2005-0385}
- - luxman 0.41-20
+ - luxman (unfixed; bug filed)
NOTE: not present in testing at time oF DSA
NOTE: not even in unstable yet, but DSA claimed it was
[14 Mar 2005] DSA-662-2 squirrelmail - several