Author: jmm-guest Date: 2005-07-13 09:11:55 +0000 (Wed, 13 Jul 2005) New Revision: 1376 Modified: data/CAN/list Log: new krb5 issues Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-13 06:39:52 UTC (rev 1375) +++ data/CAN/list 2005-07-13 09:11:55 UTC (rev 1376) @@ -1892,8 +1892,9 @@ NOTE: reserved CAN-2005-1690 NOTE: rejected -CAN-2005-1689 +CAN-2005-1689 [krb5 KDC double free()] NOTE: reserved + - krb5 1.3.6-4 (medium) CAN-2005-1688 (Wordpress 1.5 and earlier allows remote attackers to obtain sensitive ...) NOTE: Removed from Sarge due to intransparent handling of security issues by upstream - wordpress 1.5.1-1 @@ -3998,10 +3999,14 @@ NOTE: and not the version in Sarge CAN-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while ...) NOTE: not-for-us (AIX) -CAN-2005-1175 +CAN-2005-1175 [MIT krb5 KDC heap overflow] NOTE: reserved -CAN-2005-1174 + TODO: check krb4 + - krb5 1.3.6-4 (medium) +CAN-2005-1174 [MIT krb5 KDC free() DoS] NOTE: reserved + TODO: check krb4 + - krb5 1.3.6-4 (medium) CAN-2004-1774 (Buffer overflow in the SDO_CODE_SIZE peocedure of the MD2 package ...) NOTE: not-for-us (Oracle) CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...)