Author: jmm-guest Date: 2005-08-28 10:49:07 +0000 (Sun, 28 Aug 2005) New Revision: 1685 Modified: data/CAN/list data/embedded-code-copies Log: cplay and tleds fixed, pythons seem to embed a pcre copy as well Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-28 10:44:21 UTC (rev 1684) +++ data/CAN/list 2005-08-28 10:49:07 UTC (rev 1685) @@ -1,3 +1,5 @@ +CAN-2005-XXXX [Insecure tempfile usage in tleds] + - tleds 1.05beta10-9 (bug# 276789; low) CAN-2005-XXXX [XSS in gallery''s EXIF handling] - gallery (unfixed; bug #325285; medium) - gallery2 (unfixed; bug #325285; medium) @@ -84,7 +86,7 @@ CAN-2005-2654 NOTE: reserved CAN-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks] - - cplay (unfixed; bug #324913; low) + - cplay 1.49-8 (bug #324913; low) CAN-2005-XXXX [$servers[$i][''disable_anon_bind''] = true doesn''t prevent anonymous to access ldap directory] - phpldapadmin 0.9.6c-5 (bug #322423; low) CAN-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...) @@ -829,7 +831,7 @@ NOTE: reserved CAN-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...) - pcre3 6.3-1 (bug #324531; medium) - TODO: gnumeric seems to embed a copy of PCRE, check this + TODO: gnumeric and pythons seems to embed a copy of PCRE, check these CAN-2005-2490 NOTE: reserved CAN-2004-2302 (Race condition in the sysfs_read_file and sysfs_write_file functions ...) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2005-08-28 10:44:21 UTC (rev 1684) +++ data/embedded-code-copies 2005-08-28 10:49:07 UTC (rev 1685) @@ -76,3 +76,4 @@ pcre: gnumeric(?) +python(?)