Author: joeyh
Date: 2004-12-13 13:21:29 -0700 (Mon, 13 Dec 2004)
New Revision: 196
Modified:
sarge-checks/CAN/list
Log:
update
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2004-12-13 20:16:14 UTC (rev 195)
+++ sarge-checks/CAN/list 2004-12-13 20:21:29 UTC (rev 196)
@@ -1,6 +1,6 @@
CAN-2004-1171
- - kdelibs (unfixed; bug filed)
- - kdebase (unfixed; bug filed)
+ - kdelibs 4:3.3.1-2
+ - kdebase 4:3.3.1-3
CAN-2004-1170
- a2ps 1:4.13b-4.2
CAN-2004-1169
@@ -12,7 +12,7 @@
CAN-2004-1166
NOTE: not-for-us (Microsoft)
CAN-2004-1165
- - konqueror (unfixed; bug filed)
+ - konqueror (unfixed; bug #285128)
CAN-2004-1164
NOTE: not-for-us (Cisco)
CAN-2004-1163
@@ -27,10 +27,15 @@
NOTE: rejected
CAN-2004-1158
TODO: check
+ NOTE: unable to really reproduce it using their test page
+ NOTE: vulnerale version is unclear. What''s the -6 in the version
+ NOTE: numer the reference? RedHat revision?
CAN-2004-1157
NOTE: not-for-us (Opera)
CAN-2004-1156
TODO: check
+ NOTE: unable to really reproduce it using their test page and
+ NOTE: firefox.. but my setup is pretty nonstandard -- joey
CAN-2004-1155
NOTE: not-for-us (Microsoft MSIE)
CAN-2004-1154
@@ -3596,7 +3601,6 @@
NOTE: fixed in linux 2.4.21
CAN-2003-0466
{DSA-357}
- TODO: check
CAN-2003-0465 strncpy in kernel does not pad with zeroes
- kernel-source-2.4.27 (unfixed; bug #280492)
NOTE: generic .c version fixed in 2.6.x but not in 2.4.x