Author: jmm-guest Date: 2005-04-18 19:31:01 +0000 (Mon, 18 Apr 2005) New Revision: 849 Modified: sarge-checks/CAN/list Log: oops not included in Sarge. ilohamail bug# latest mozilla vulns have been fixed. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-18 18:39:10 UTC (rev 848) +++ sarge-checks/CAN/list 2005-04-18 19:31:01 UTC (rev 849) @@ -57,10 +57,11 @@ CAN-2005-1122 (Format string vulnerability in cgi.c for Monkey daemon (monkeyd) ...) NOTE: not-for-us (monkeyd) CAN-2005-1121 (Format string vulnerability in Oops! Proxy Server 1.5.53 and earlier ...) + NOTE: Not part of Sarge due to FTBFS on ia64 and alpha, couldn''t find any more + NOTE: information than the description of the CVE entry - oops (unfixed) CAN-2005-1120 (Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail ...) - TODO: file bug - - ilohamail (unfixed) + - ilohamail (unfixed; bug #304525) CAN-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...) TODO: Somehow related bug 283161, but file a proper one, unfortunately information TODO: is very sparse @@ -94,7 +95,7 @@ CAN-2005-XXXX [Multiple further vulnerabilities in Mozilla/Firefox beside CAN-2005-0989] NOTE: Mozilla suite is not affected by all of these issues - mozilla-firefox 1.0.3-1 - - mozilla (unfixed) + - mozilla 1.7.7-1 CAN-2005-XXXX [libsafe security check bypass in multi threaded environments] CAN-2005-XXXX [Remote DoS vulnerabilities in postgrey] - postgrey 1.21-1