Moritz Muehlenhoff
2005-May-15 19:17 UTC
[Secure-testing-commits] r1070 - sarge-checks/CAN
Author: jmm-guest Date: 2005-05-15 19:17:45 +0000 (Sun, 15 May 2005) New Revision: 1070 Modified: sarge-checks/CAN/list Log: shadow vipw fixed for sid gnutls dos already tracked as CAN-2005-1431 Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-15 18:55:01 UTC (rev 1069) +++ sarge-checks/CAN/list 2005-05-15 19:17:45 UTC (rev 1070) @@ -1,5 +1,3 @@ -CAN-2005-XXXX [DoS security problem in gnutls] - - gnutls (unfixed; bug #309111) CAN-2005-XXXX [DNS response spoofing in Squid] - squid 2.5.9-9 CAN-2005-XXXX [Several buffer overflows in termpkg] @@ -1122,7 +1120,8 @@ CAN-2005-XXXX [Insecure mailbox generation in passwd''s useradd - shadow (unfixed; bug #307259) CAN-2005-XXXX [Insecure tempfile generation in shadow''s vipw] - - shadow (unfixed; bug #242407) + NOTE: Fixed in 4.0.3-33 for sid, Sarge would need an update through t-p-u + - shadow 4.0.3-33 CAN-2005-1364 (Multiple SQL injection vulnerabilities in MetaBid Auctions allow ...) NOTE: not-for-us (MetaBid Auctions) CAN-2005-1363 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow ...)