Moritz Muehlenhoff
2005-Aug-16 16:37 UTC
[Secure-testing-commits] r1599 - in data: . CAN DSA
Author: jmm-guest
Date: 2005-08-16 16:36:39 +0000 (Tue, 16 Aug 2005)
New Revision: 1599
Modified:
data/CAN/list
data/DSA/list
data/embedded-code-copies
Log:
new clamav dsa
track more local code copies
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-08-16 10:52:02 UTC (rev 1598)
+++ data/CAN/list 2005-08-16 16:36:39 UTC (rev 1599)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs]
+ - clamav 0.86.2-1 (low)
CAN-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent
3.5.0 ...)
NOTE: not-for-us (Network Associated ePolicy Orchestrator Agent)
CAN-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-08-16 10:52:02 UTC (rev 1598)
+++ data/DSA/list 2005-08-16 16:36:39 UTC (rev 1599)
@@ -1,3 +1,7 @@
+[16 Aug 2005] DSA-776-1 clamav - integer overflows, infinite loop
+ {CAN-2005-2450}
+ - clamav 0.86.2-1
+ NOTE: not fixed in testing at time of DSA (waiting on dependencies)
[12 Aug 2005] DSA-775-1 mozilla-firefox - frame injection spoofing
{CAN-2004-0718 CAN-2005-1937}
- mozilla-firefox 1.0.4-3
Modified: data/embedded-code-copies
==================================================================---
data/embedded-code-copies 2005-08-16 10:52:02 UTC (rev 1598)
+++ data/embedded-code-copies 2005-08-16 16:36:39 UTC (rev 1599)
@@ -21,6 +21,8 @@
centericq
gaim
kopete (ships the code, but links dynamically in the Debian package)
+kadu (not packaged in Debian)
+GNU gadu (not packaged in Debian)
xmlrpc: (which package is the "origin" of this code?)
@@ -29,6 +31,7 @@
egroupware
phpwiki
php4 (php-pear, IIRC this was reorganized some weeks ago?)
+tikiwiki (not packaged in Debian)
shtool: (affects build-time only)