Author: joeyh
Date: 2004-12-03 15:02:06 -0700 (Fri, 03 Dec 2004)
New Revision: 169

Modified: sarge-checks/CAN/list

Log: checked recent CANs

Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-12-03 20:28:06 UTC (rev 168) +++ sarge-checks/CAN/list 2004-12-03 22:02:06 UTC (rev 169) 
@@ -1,57 +1,59 @@ CAN-2004-1120 - TODO: check + - prozilla (unfixed; bug filed) CAN-2004-1119 - TODO: check + NOTE: not-for-us (Winamp) CAN-2004-1118 - TODO: check + NOTE: not-for-us (WodFtpDLX.ocx ActiveX component) CAN-2004-1117 - TODO: check + NOTE: not-for-us (ChessBrain) CAN-2004-1116 - TODO: check + NOTE: not-for-us (GIMPS) CAN-2004-1115 - TODO: check + NOTE: gentoo-specific permissions problems in setaiathome CAN-2004-1114 - TODO: check + NOTE: not-for-us (Skype) CAN-2004-1113 - TODO: check + NOTE: not-for-us (SQLgrey Postfix greylisting serivce) CAN-2004-1112 - TODO: check + NOTE: not-for-us (Cisco) CAN-2004-1111 - TODO: check + NOTE: not-for-us (Cisco) CAN-2004-1110 - TODO: check + - mtink (unfixed; bug filed) + NOTE: debian not vulnerale except in edge case) CAN-2004-1109 - TODO: check + NOTE: not-for-us (Kerio Personal Firewall) CAN-2004-1108 - TODO: check + NOTE: not-for-us (Gentoolkit) CAN-2004-1107 - TODO: check + NOTE: not-for-us (Portage) CAN-2004-1106 - TODO: check + - gallery 1.4.4-pl4-1 CAN-2004-1105 - TODO: check + NOTE: not-for-us (Nortel Networks Contivity VPN Client) CAN-2004-1104 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-1103 - TODO: check + NOTE: not-for-us (MailPost) CAN-2004-1102 - TODO: check + NOTE: not-for-us (MailPost) CAN-2004-1101 - TODO: check + NOTE: not-for-us (MailPost) CAN-2004-1100 - TODO: check + NOTE: not-for-us (MailPost) CAN-2004-1099 - TODO: check + NOTE: not-for-us (Cisco) CAN-2004-1098 - TODO: check + - mime-tools 5.415-1 CAN-2004-1097 - TODO: check + NOTE: not-for-us (Cherokee) CAN-2004-1096 - TODO: check + - libarchive-zip-perl 1.14-1 CAN-2004-1095 - TODO: check + - zgv (unfixed; bug filed) + - xzgv (unfixed; bug filed) CAN-2004-1094 - TODO: check + NOTE: not-for-us (RealPlayer) CAN-2004-1093 NOTE: reserved CAN-2004-1092 
@@ -79,9 +81,9 @@ CAN-2004-1081 NOTE: reserved CAN-2004-1080 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-1079 - TODO: check + - ncpfs 2.2.5-2 CAN-2004-1078 NOTE: reserved CAN-2004-1077 @@ -89,21 +91,21 @@ CAN-2004-1076 NOTE: reserved CAN-2004-1075 - TODO: check + - zope-zwiki (unfixed; bug #282944) CAN-2004-1074 - TODO: check + TODO: check with kernel people CAN-2004-1073 - TODO: check + TODO: check with kernel people CAN-2004-1072 - TODO: check + TODO: check with kernel people CAN-2004-1071 - TODO: check + TODO: check with kernel people CAN-2004-1070 - TODO: check + TODO: check with kernel people CAN-2004-1069 - TODO: check + TODO: check with kernel people CAN-2004-1068 - TODO: check + TODO: check with kernel people CAN-2004-1067 NOTE: reserved CAN-2004-1066 @@ -167,7 +169,7 @@ CAN-2004-1038 NOTE: not-for-us (IEEE1394 specification bug, physical security) CAN-2004-1037 - TODO: check + - twiki 20030201-6 CAN-2004-1036 - squirrelmail 2:1.4.3a-3 CAN-2004-1035 @@ -184,7 +186,7 @@ CAN-2004-1030 - fcron 2.9.5.1-1 CAN-2004-1029 - TODO: check + NOTE: not-for-us (Sun JRE) CAN-2004-1028 NOTE: reserved CAN-2004-1027 @@ -200,7 +202,7 @@ CAN-2004-1022 NOTE: reserved CAN-2004-1021 - TODO: check + NOTE: not-for-us (MacOS) CAN-2004-1020 NOTE: reserved CAN-2004-1019 
@@ -212,25 +214,27 @@ CAN-2004-1016 NOTE: reserved CAN-2004-1015 - TODO: check + - cyrus-imapd (unfixed; bug filed) + - cyrus21-imapd (unfixed; bug filed) CAN-2004-1014 NOTE: reserved CAN-2004-1013 {DSA-597-1} - NOTE: see http://security.e-matters.de/advisories/152004.html - - cyrus-imapd 2.1.17-1 + - cyrus-imapd 1.5.19-20 + - cyrus21-imapd 2.1.17-1 CAN-2004-1012 {DSA-597-1} - NOTE: see http://security.e-matters.de/advisories/152004.html - - cyrus-imapd 2.1.17-1 + - cyrus-imapd 1.5.19-20 + - cyrus21-imapd 2.1.17-1 CAN-2004-1011 - TODO: check + - cyrus-imapd (unfixed; bug filed) + - cyrus21-imapd (unfixed; bug filed) CAN-2004-1010 - zip 2.30-8 CAN-2004-1009 NOTE: reserved CAN-2004-1008 - TODO: check + - putty 0.56-1 CAN-2004-1007 - bogofilter 0.92.8-1 CAN-2004-1006 @@ -256,7 +260,8 @@ CAN-2004-0997 NOTE: reserved CAN-2004-0996 - TODO: check + - cscope (unfixed; bug #282815) + NOTE: Patch in debian bts from ubuntu is good. All other patches are crap. CAN-2004-0995 NOTE: reserved CAN-2004-0994 @@ -265,7 +270,7 @@ NOTE: reserved {DSA-604-1} CAN-2004-0992 - TODO: check + NOTE: not-for-us (Proxytunnel) CAN-2004-0991 NOTE: reserved CAN-2004-0990 @@ -336,7 +341,7 @@ CAN-2004-0966 - gettext 0.14.1-6 CAN-2004-0965 - TODO: check + NOTE: not-for-us (HP-UX) CAN-2004-0964 {DSA-587-1} NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge @@ -345,7 +350,7 @@ CAN-2004-0963 NOTE: not-for-us (windows) CAN-2004-0962 - TODO: check + NOTE: not-for-us (Apple Remote Desktop Client) CAN-2004-0961 - freeradius 1.0.1 CAN-2004-0960 @@ -367,7 +372,7 @@ CAN-2004-0954 NOTE: rejected CAN-2004-0953 - TODO: check + NOTE: jabber version 2 is vulnerable, we have an older version that seems not CAN-2004-0952 NOTE: reserved CAN-2004-0951 @@ -375,7 +380,7 @@ CAN-2004-0950 NOTE: not-for-us (NetOp Host) CAN-2004-0949 - TODO: check + NOTE: check with kernel people CAN-2004-0948 NOTE: reserved CAN-2004-0947 
@@ -510,7 +515,7 @@ CAN-2004-0893 NOTE: reserved CAN-2004-0892 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0891 - gaim 1.0.2 CAN-2004-0890 @@ -531,7 +536,7 @@ CAN-2004-0884 {DSA-568-1 DSA-563-1} CAN-2004-0883 - TODO: check + TODO: check with kernel people CAN-2004-0882 NOTE: details http://security.e-matters.de/advisories/132004.html - samba 3.0.7 @@ -670,7 +675,8 @@ CAN-2004-0817 {DSA-548-1} CAN-2004-0816 - TODO: check + NOTE: fixed in 2.6.8, what about 2.4 series? + TODO: check with kernel people CAN-2004-0815 {DSA-600-1} CAN-2004-0814 @@ -689,7 +695,7 @@ CAN-2004-0811 - apache2 2.0.52 CAN-2004-0810 - TODO: check + NOTE: not-for-us (Netopia Timbuktu) CAN-2004-0809 {DSA-558-1} - apache2 2.0.51-1 @@ -960,7 +966,7 @@ CAN-2004-0686 - samba 3.0.5 CAN-2004-0685 - TODO: check + TODO: check with kernel people CAN-2004-0684 NOTE: not-for-us (WebSphere Edge Server) CAN-2004-0683 @@ -1041,7 +1047,7 @@ CAN-2004-0647 - shorewall 2.0.3a CAN-2004-0646 - TODO: check + NOTE: not-for-us (JRun) CAN-2004-0645 {DSA-579-1 DSA-550-1} CAN-2004-0644 @@ -1134,7 +1140,7 @@ CAN-2004-0602 NOTE: not-for-us (FreeBSD) CAN-2004-0601 - TODO: check + - disctcc 2.18.1-4 CAN-2004-0600 - samba 3.0.5 CAN-2004-0599 @@ -1144,7 +1150,7 @@ CAN-2004-0597 {DSA-536} CAN-2004-0596 - TODO: fix line below: what version? + TODO: check with kernel people CAN-2004-0595 {DSA-531} CAN-2004-0594
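Review bot: In the @@ -1,57 +1,59 @@ hunk, the new entries for prozilla (CAN-2004-1120), mtink (CAN-2004-1110) and zgv/xzgv (CAN-2004-1095) say "(unfixed; bug filed)" without a bug number, while the zope-zwiki entry added later in this patch records "bug #282944". Please add the numbers so each unfixed entry can be followed to closure. The same hunk also has two typos and an unbalanced parenthesis: "serivce" in the CAN-2004-1113 note, and "NOTE: debian not vulnerale except in edge case)" under CAN-2004-1110.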
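Review bot: In the @@ -212,25 +214,27 @@ hunk, the "NOTE: see http://security.e-matters.de/advisories/152004.html" lines under CAN-2004-1013 and CAN-2004-1012 appear as removed together with the package-line change. If dropping the advisory reference was not intended, keep the NOTE and change only the package lines. The log message "checked recent CANs" also does not mention that already-recorded fix data was corrected here ("cyrus-imapd 2.1.17-1" became "cyrus-imapd 1.5.19-20" plus "cyrus21-imapd 2.1.17-1"); a line in the log would help anyone auditing why a fixed version changed. The new cyrus-imapd and cyrus21-imapd entries under CAN-2004-1015 and CAN-2004-1011 also say "bug filed" without a number.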
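Review bot: In the @@ -256,7 +260,8 @@ hunk, the CAN-2004-0996 note "Patch in debian bts from ubuntu is good. All other patches are crap." gives a reader no way to tell which patches were rejected or why. Suggest naming the defect in the other patches (for example what they fail to handle) so that a later reviewer does not pick one of them up by mistake; the bug reference "#282815" on the line above is already the right pointer for the good patch.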
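Review bot: In the @@ -367,7 +372,7 @@ hunk, CAN-2004-0953 is closed with "NOTE: jabber version 2 is vulnerable, we have an older version that seems not", which replaces the TODO with an unconfirmed conclusion and names neither the package nor the version that was examined. Either record the package and version checked, or keep a TODO alongside the NOTE until "seems not" is confirmed.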
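Review bot: In the @@ -375,7 +380,7 @@ hunk, CAN-2004-0949 becomes "NOTE: check with kernel people", whereas every other kernel item in this patch (CAN-2004-1074 through CAN-2004-1068, CAN-2004-0883, CAN-2004-0685, CAN-2004-0596) uses "TODO: check with kernel people". As a NOTE this entry will no longer show up when the list is searched for open TODO items, so the pending kernel check could be lost. Suggest changing it to TODO to match.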
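Review bot: In the @@ -1134,7 +1140,7 @@ hunk, the package name in "- disctcc 2.18.1-4" under CAN-2004-0601 looks like a transposition of "distcc". A misspelt package name will not match anything that compares this list against installed or archive package names, so the fix would go unrecognised. Please confirm the spelling against the archive.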
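Review bot: In the @@ -1144,7 +1150,7 @@ hunk, CAN-2004-0596 loses the specific open question in "TODO: fix line below: what version?" and gets the generic "TODO: check with kernel people". If the version question is still unanswered, keep it in the new TODO text so the kernel team knows what is being asked for this entry.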