Author: joeyh Date: 2005-02-25 21:31:22 +0100 (Fri, 25 Feb 2005) New Revision: 494 Modified: sarge-checks/CAN/list Log: updates; new wu-ftpd hole Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-25 20:14:17 UTC (rev 493) +++ sarge-checks/CAN/list 2005-02-25 20:31:22 UTC (rev 494) @@ -31,7 +31,7 @@ CAN-2005-0524 NOTE: reserved CAN-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows ...) - - prozilla (unfixed; bug filed) + - prozilla (unfixed; bug #296925) CAN-2005-0522 (Chat Anywhere 2.72a stores sensitive information such as passwords in ...) NOTE: not-for-us (Chat Anywhere) CAN-2005-0521 (SendLink 1.5 stores sensitive information, possibly including ...) @@ -78,7 +78,7 @@ - kernel-source-2.6.10 2.6.10-2 - kernel-source-2.4.27 2.4.27-8 CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...) - - uim (unfixed; bug #296632) + - uim 1:0.4.6beta2-1 CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...) NOTE: not-for-us (Xinkaa) CAN-2005-0501 (Buffer overflow in Bontago 1.1 and earlier allows remote attackers ...) @@ -1224,6 +1224,7 @@ NOTE: reserved CAN-2005-0256 NOTE: reserved + - wuftpd (unfixed; bug #296929) CAN-2005-0255 NOTE: reserved CAN-2005-0254 (BibORB 1.3.2, and possibly earlier versions, does not properly enforce ...)