Author: joeyh Date: 2005-07-14 07:04:59 +0000 (Thu, 14 Jul 2005) New Revision: 1378 Modified: data/CAN/list Log: canified ekg, but it has a second set of security holes which may get another can and has a separate bug filed Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-13 18:57:59 UTC (rev 1377) +++ data/CAN/list 2005-07-14 07:04:59 UTC (rev 1378) @@ -1,3 +1,4 @@ + CAN-2005-XXXX [base-config log should not be world readable] - base-config 2.68 (low) CAN-2005-2169 (Directory traversal vulnerability in source.php in Quick & Dirty ...) @@ -113,7 +114,7 @@ CAN-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...) - cupsys 1.1.20final+rc1-1 (low) CAN-2005-XXXX [Insecure tempfile generation in ekg] - - ekg (unfixed; bug #317027; medium) + - ekg (unfixed; bug #318059; medium) CAN-2005-2116 (Unknown vulnerability in the third-party XML-RPC library in Drupal ...) NOTE: This will probably be re-organized by the CVE editor, but lets keep it for now, NOTE: as it''s the same issue @@ -170,11 +171,10 @@ NOTE: We have to check whether zlib 1.1 is really not affected, sometimes the CVE NOTE: descriptions are flaky wrt affected versions, kernel, mozilla, rsync and oo NOTE: supposedly use 1.1 - TODO: - kernel-source-2.6.11 (unfixed; medium) - TODO: - kernel-source-2.4.27 (unfixed; medium) - TODO: - mozilla (unfixed; medium) - TODO: - openoffice.org (unfixed; medium) - TODO: - rsync (unfixed; medium) + NOTE: Florian Weimer is doing a comprehensive audit using clamav + NOTE: to search for static zlib signatures in binaries in Debian + NOTE: Not all of the listed packages have been checked for actual + NOTE: exploitability using this hole. - dpkg (unfixed; bug #317967; medium) - zsync (unfixed; bug #317968; medium) - dump (unfixed; bug #317966; medium) 
@@ -183,6 +183,14 @@ - ia32-libs (unfixed; bug #317971; medium) - dar-static (unfixed; bug #317989; medium) - bacula-sd (unfixed; bug #318014; medium) + - sash (unfixed; bug #318069; medium) + - libphysfs-1.0-0 (unfixed; bug #318091; medium) + - mrtg (unfixed; bug #318096; medium) + - oops (unfixed; bug #318097; medium) + - lsb-rpm (unfixed; bug #318099; medium) + - rageircd (unfixed; bug #309196; medium) + - systemimager-ssh (unfixed; bug #318101; medium) + - texmacs (unfixed; bug #318100; medium) CAN-2005-2095 NOTE: reserved - squirrelmail (unfixed; #317094; medium) @@ -1319,7 +1327,7 @@ CAN-2005-1917 (kpopper 1.0 and earlier allows local users to create and overwrite ...) TODO: check CAN-2005-1916 (linki.py in ekg 2005-06-05 and earlier allows local users to overwrite ...) - TODO: check + - ekg (unfixed; bug #317027; low) CAN-2005-1915 NOTE: reserved CAN-2005-1914 [Insecure tempfile usage in centericq]
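Review bot: in the first hunk (@@ -1,3 +1,4 @@) the single added line looks empty: the header grows the range from 3 to 4 lines, and the three entries shown (the CAN-2005-XXXX base-config entry, its package line, and CAN-2005-2169) all appear to be context. The log message does not mention it, so if a leading blank line at the top of data/CAN/list is unintentional, drop it from the commit.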
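Review bot: in the @@ -113,7 +114,7 @@ hunk, the ekg line under CAN-2005-XXXX [Insecure tempfile generation in ekg] now points to bug #318059 while #317027 moves to CAN-2005-1916 later in the patch, and nothing in the list itself records why. A NOTE line under this entry saying that this is the second set of ekg holes mentioned in the log, tracked separately from CAN-2005-1916, would stop a later editor from merging the two entries or swapping the bug numbers back.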
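Review bot: in the @@ -170,11 +171,10 @@ hunk, the five removed TODO lines (kernel-source-2.6.11, kernel-source-2.4.27, mozilla, openoffice.org, rsync) were the only place those packages were tracked as candidates, and the context NOTE just above still says that kernel, mozilla, rsync and oo supposedly use 1.1. The new NOTE lines describe the clamav audit but do not name these packages, and the log message does not mention the removal; either keep them as TODO until the audit covers them, or add a NOTE stating why they were dropped.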
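Review bot: in the @@ -183,6 +183,14 @@ hunk, the added rageircd line cites bug #309196, well outside the #3180xx range of the other seven additions, so it is worth confirming that this bug is about the zlib issue and not an older rageircd report. The eight new package lines are also not covered by the log message, which only talks about ekg; a second log line or a separate commit would make the history easier to search.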
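Review bot: in the last hunk (@@ -1319,7 +1327,7 @@), CAN-2005-1916 gets ekg at severity low, while the other ekg tempfile entry touched by this commit is rated medium. If the difference is deliberate, a short NOTE under CAN-2005-1916 giving the reason would help; otherwise align the two ratings.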