Author: micah
Date: 2005-02-24 07:41:04 +0100 (Thu, 24 Feb 2005)
New Revision: 481
Modified:
sarge-checks/CAN/list
Log:
Done checking these new TODOs
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-02-24 05:25:26 UTC (rev 480)
+++ sarge-checks/CAN/list 2005-02-24 06:41:04 UTC (rev 481)
@@ -13,8 +13,10 @@
CAN-2005-0505 (Unknown vulnerability in Information Resource Manager (IRM)
before ...)
- irm (unfixed; bug #296662)
CAN-2005-0504 (Buffer overflow in the MoxaDriverIoctl function for the moxa
serial ...)
- NOTE: micah checking with kernel team
- TODO: check
+ - kernel-source-2.6.8 2.6.8-12
+ - kernel-source-2.6.9 2.6.9-5
+ - kernel-source-2.6.10 2.6.10-2
+ - kernel-source-2.4.27 2.4.27-8
CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when
libUIM is ...)
- uim (unfixed; bug #296632)
CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier
allows ...)
@@ -1350,8 +1352,13 @@
CAN-2005-0205
NOTE: reserved
CAN-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel
EM64T ...)
- NOTE: micah checking with kernel team
- TODO: check with kernel team
+ NOTE: according to the CAN it is fixed in 2.6.10, but
+ NOTE: looking at the source it is not so clear, noting this
+ NOTE: in the bug report
+ - kernel-source-2.4.27 (unfixed; bug #296700)
+ - kernel-source-2.6.8 (unfixed; bug #296700)
+ - kernel-source-2.6.9 (unfixed; bug #296700)
+ - kernel-source-2.6.10 (unfixed; bug #296700)
CAN-2005-0203
NOTE: reserved
CAN-2005-0202 (Directory traversal vulnerability in the true_path function in
...)
@@ -3008,6 +3015,7 @@
NOTE: waldi provided this info
- linux-kernel-image-2.6.8-s390 2.6.8-3
- kernel-source-2.6.8 2.6.8-10
+ - kernel-source-2.6.9 2.6.9-3
CAN-2004-0886 (Multiple integer overflows in libtiff 3.6.1 and earlier allow
remote ...)
{DSA-567-1}
CAN-2004-0885 (The mod_ssl module in Apache 2.0.35 through 2.0.52, when using
the ...)