Author: jmm-guest Date: 2005-03-25 21:00:10 +0000 (Fri, 25 Mar 2005) New Revision: 661 Modified: sarge-checks/CAN/list Log: Remotely root-exploitable heap overflow in smail and another local vulnerability in the sighandler. The included patch for the heap overflow seems correct. Joey, in case the maintainer doesn''t react in a few days, could you NMU this? Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-03-25 20:41:08 UTC (rev 660) +++ sarge-checks/CAN/list 2005-03-25 21:00:10 UTC (rev 661) @@ -1,3 +1,5 @@ +CAN-2005-XXXX [Remote and local root vulnerabilities in smail with a broad attack vector] + - smail (unfixed; bug pending) CAN-2005-XXXX [Unsafe recommendation (and implementation) of debugging in rscsi] - cdrtools (unfixed; bug #291376) CAN-2005-0846 (Multiple cross-site scripting (XSS) vulnerabilities in the email ...)