Author: joeyh Date: 2004-11-16 13:43:06 -0700 (Tue, 16 Nov 2004) New Revision: 126 Modified: sarge-checks/CAN/list Log: checked more 2003 CANs Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-11-16 19:51:30 UTC (rev 125) +++ sarge-checks/CAN/list 2004-11-16 20:43:06 UTC (rev 126) @@ -1784,8 +1784,10 @@ NOTE: covered by DSA-463 CAN-2004-0184 NOTE: covered by DSA-478 + - tcpdump 3.7.2-4 CAN-2004-0183 NOTE: covered by DSA-478 + - tcpdump 3.7.2-4 CAN-2004-0182 NOTE: not-for-us (mailman; RedHat specific bug) CAN-2004-0181 @@ -2459,7 +2461,7 @@ NOTE: this file is not used in Debian, so it''s not a problem for us. NOTE: source package still distributes the file, however. TODO: submitted to BTS. waiting for response. - - openslp (unfixed; bug #279973 + - openslp (unfixed; bug #279973; only problem in source package) CAN-2003-0874 NOTE: not-for-us (Deskpro) CAN-2003-0873 @@ -3317,7 +3319,7 @@ CAN-2003-0466 NOTE: covered by DSA-357 CAN-2003-0465 strncpy in kernel does not pad with zeroes - TODO: (unfixed; bug #280492) + - kernel-source-2.4.27 (unfixed; bug #280492) NOTE: generic .c version fixed in 2.6.x but not in 2.4.x NOTE: arch specific asm versions: NOTE: x86 is not affected @@ -3740,7 +3742,7 @@ CAN-2003-0264 NOTE: not-for-us (SLMail) CAN-2003-0263 - TODO: not-for-us (FTGatePro) + NOTE: not-for-us (FTGatePro) CAN-2003-0262 NOTE: covered by DSA-299 CAN-2003-0261 @@ -3871,28 +3873,28 @@ CAN-2003-0199 NOTE: reserved CAN-2003-0198 - TODO: check + NOTE: not-for-us (MacOS) CAN-2003-0197 - TODO: check + NOTE: not-for-us (Interbase Database) CAN-2003-0196 NOTE: covered by DSA-280 CAN-2003-0195 NOTE: covered by DSA-317 CAN-2003-0194 - TODO: check + NOTE: apparently a redhat specific compilation prolem of tcpdump CAN-2003-0193 NOTE: covered by DSA-576-1 - catdoc 0.91.5-2 CAN-2003-0192 - apache2 2.0.47 CAN-2003-0190 - TODO: check + - ssh (unfixed; bug filed) CAN-2003-0189 - apache2 2.0.46 CAN-2003-0188 NOTE: covered by DSA-304 CAN-2003-0187 - TODO: check + NOTE: only affects kernel 2.4.19, 2.4.20. CAN-2003-0186 NOTE: reserved CAN-2003-0185 @@ -3904,51 +3906,51 @@ CAN-2003-0182 NOTE: reserved CAN-2003-0181 - TODO: check + NOTE: not-for-us (Lotus Domino Web Server) CAN-2003-0180 - TODO: check + NOTE: not-for-us (Lotus Domino Web Server) CAN-2003-0179 - TODO: check + NOTE: not-for-us (Lotus Domino Web Server) CAN-2003-0178 - TODO: check + NOTE: not-for-us (Lotus Domino Web Server) CAN-2003-0177 - TODO: check + NOTE: not-for-us (IRIX) CAN-2003-0176 - TODO: check + NOTE: not-for-us (IRIX) CAN-2003-0175 - TODO: check + NOTE: not-for-us (IRIX) CAN-2003-0174 - - apache2 2.0.49 + NOTE: not-for-us (IRIX) CAN-2003-0173 NOTE: covered by DSA-283 CAN-2003-0172 - TODO: check + NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2) CAN-2003-0171 - TODO: check + NOTE: not-for-us (MacOS) CAN-2003-0170 - TODO: check + NOTE: not-for-us (AIX) CAN-2003-0169 - TODO: check + NOTE: not-for-us (HP Instant TopTools) CAN-2003-0168 - TODO: check + NOTE: not-for-us (Apple QuickTime Player) CAN-2003-0167 NOTE: covered by DSA-274 CAN-2003-0166 - TODO: check + NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2) CAN-2003-0165 - TODO: check + - eog 2.2.1 CAN-2003-0164 NOTE: reserved CAN-2003-0163 - TODO: check + NOTE: Gaim-Encryption Plugin not in debian CAN-2003-0162 NOTE: covered by DSA-271 CAN-2003-0161 NOTE: covered by DSA-278 CAN-2003-0160 - TODO: check + - squirrelmail 1:1.2.11 CAN-2003-0159 - TODO: check + - ethereal 0.9.10 CAN-2003-0158 NOTE: rejected CAN-2003-0157 @@ -3964,13 +3966,13 @@ CAN-2003-0152 NOTE: covered by DSA-265 CAN-2003-0151 - TODO: check + NOTE: not-for-us (BEA WebLogic Server) CAN-2003-0150 NOTE: covered by DSA-303 CAN-2003-0149 - TODO: check + NOTE: not-for-us (McAfee ePolicy Orchestrator) CAN-2003-0148 - TODO: check + NOTE: not-for-us (McAfee ePolicy Orchestrator) CAN-2003-0147 NOTE: covered by DSA-288 CAN-2003-0146 @@ -3982,9 +3984,9 @@ CAN-2003-0143 NOTE: covered by DSA-259 CAN-2003-0142 - TODO: check + NOTE: not-for-us (acroread) CAN-2003-0141 - TODO: check + NOTE: not-for-us (Real) CAN-2003-0140 NOTE: covered by DSA-268 CAN-2003-0139 @@ -3992,61 +3994,62 @@ CAN-2003-0138 NOTE: covered by DSA-266 CAN-2003-0137 - TODO: check + NOTE: not-for-us (Nokia Serving GPRS support node) CAN-2003-0136 NOTE: covered by DSA-285 -CAN-2003-0135 - TODO: check +CAN-2003-0135 + NOTE: red-hat specific compilation problem of vsftpd CAN-2003-0134 - apache2 2.0.46 CAN-2003-0133 - TODO: check + - evolution 1.2.4 CAN-2003-0132 - apache2 2.0.45 CAN-2003-0131 NOTE: covered by DSA-288 CAN-2003-0130 - TODO: check + - evolution 1.2.3 CAN-2003-0129 - TODO: check + - evolution 1.2.3 CAN-2003-0128 - TODO: check + - evolution 1.2.3 CAN-2003-0127 NOTE: covered by DSA-270 CAN-2003-0126 - TODO: check + NOTE: not-for-us (SOHO Routefinder 550 firmware) CAN-2003-0121 - TODO: check + NOTE: not-for-us (Clearswift MAILsweeper) CAN-2003-0120 NOTE: covered by DSA-256 CAN-2003-0119 - TODO: check + NOTE: not-for-us (AIX) CAN-2003-0118 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0117 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0116 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0115 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0114 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0113 - - apache2 2.0.49 + NOTE: not-for-us (Microsoft) CAN-2003-0112 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0111 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0110 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0109 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2003-0108 NOTE: covered by DSA-255 + - tcpdump 3.7.1-1.2 CAN-2003-0106 - TODO: check + NOTE: not-for-us (Symantec Enterprise Firewall) CAN-2003-0105 - TODO: check + NOTE: not-for-us (ServerMask) CAN-2003-0102 NOTE: covered by DSA-260 CAN-2003-0101 @@ -4056,37 +4059,38 @@ CAN-2003-0098 NOTE: covered by DSA-277 CAN-2003-0096 - TODO: check + NOTE: not-for-us (Oracle) CAN-2003-0093 NOTE: covered by DSA-261 CAN-2003-0092 - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-0091 - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-0090 NOTE: rejected CAN-2003-0089 - TODO: check + NOTE: not-for-us (HP-UX) CAN-2003-0086 NOTE: covered by DSA-262 CAN-2003-0085 NOTE: covered by DSA-262 CAN-2003-0084 - TODO: check + NOTE: mod_auth_any not in Debian CAN-2003-0083 - apache2 2.0.46 + - apache 1.3.25 CAN-2003-0082 NOTE: covered by DSA-266 CAN-2003-0081 NOTE: covered by DSA-258 CAN-2003-0080 - TODO: check + - gnome-lokkit 0.50.22-4 CAN-2003-0078 NOTE: covered by DSA-253 CAN-2003-0076 - TODO: check + - dcgui 0.2.2 CAN-2003-0074 - TODO: check + - plptools 0.12-0 CAN-2003-0073 NOTE: covered by DSA-303 CAN-2003-0072