Author: joeyh Date: 2004-12-22 10:53:29 -0700 (Wed, 22 Dec 2004) New Revision: 207 Modified: sarge-checks/CAN/list Log: updates from BTS Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-12-22 17:35:32 UTC (rev 206) +++ sarge-checks/CAN/list 2004-12-22 17:53:29 UTC (rev 207) @@ -11,7 +11,8 @@ CAN-2004-1309 TODO: check CAN-2004-1308 - TODO: check + - libtiff4 (unfixed; bug #286833) + TODO: other packages containing libtiff code may be vulnerable (kfax?) CAN-2004-1307 NOTE: reserved CAN-2004-1306 @@ -19,7 +20,7 @@ CAN-2004-1305 NOTE: reserved CAN-2004-1304 - TODO: check + - file (unfixed; bug #283316) CAN-2004-1303 TODO: check CAN-2004-1302 @@ -27,7 +28,7 @@ CAN-2004-1301 TODO: check CAN-2004-1300 - TODO: check + - libxine1 (unfixed; bug #285899) CAN-2004-1299 TODO: check CAN-2004-1298 @@ -36,10 +37,11 @@ TODO: check CAN-2004-1296 NOTE: reserved + - pic2graph (unfixed; bug #286371) CAN-2004-1295 TODO: check CAN-2004-1294 - TODO: check + - tnftp (unfixed; bug #285902) CAN-2004-1293 TODO: check CAN-2004-1292 @@ -99,7 +101,7 @@ CAN-2004-1265 TODO: check CAN-2004-1264 - TODO: check + - chbg (unfixed; bug #285904) CAN-2004-1263 TODO: check CAN-2004-1262 @@ -111,7 +113,7 @@ CAN-2004-1259 TODO: check CAN-2004-1258 - TODO: check + - abcm2ps (unfixed; bug #285903) CAN-2004-1257 TODO: check CAN-2004-1256 @@ -254,7 +256,7 @@ CAN-2004-1189 NOTE: reserved CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other ...) - TODO: check + - libxine1 (unfixed; bug #286077) CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine ...) TODO: check CAN-2004-1186 @@ -316,10 +318,8 @@ CAN-2004-1159 NOTE: rejected CAN-2004-1158 (Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows ...) - TODO: check - NOTE: unable to really reproduce it using their test page - NOTE: vulnerale version is unclear. What''s the -6 in the version - NOTE: numer the reference? RedHat revision? + - kdelibs 4:3.3.1-3 + - kdebase (unfixed; bug #286516) CAN-2004-1157 (Opera 7.x up to 7.54, and possibly other versions, allows remote ...) NOTE: not-for-us (Opera) CAN-2004-1156 (Mozilla through 1.7.x, and Mozilla Firefox through 1.x, allows remote ...) @@ -349,10 +349,12 @@ NOTE: reserved CAN-2004-1145 NOTE: reserved + - kdelibs (unfixed; bug #286521) CAN-2004-1144 NOTE: reserved CAN-2004-1143 NOTE: reserved + - mailman (unfixed; bug #286796) CAN-2004-1142 NOTE: reserved CAN-2004-1141