Moritz Muehlenhoff
2005-Aug-29 14:26 UTC
[Secure-testing-commits] r1713 - in data: CAN DSA
Author: jmm-guest
Date: 2005-08-29 14:26:03 +0000 (Mon, 29 Aug 2005)
New Revision: 1713
Modified:
data/CAN/list
data/DSA/list
Log:
drupal fixed
new kismet dsa
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-08-29 07:40:19 UTC (rev 1712)
+++ data/CAN/list 2005-08-29 14:26:03 UTC (rev 1713)
@@ -813,7 +813,7 @@
CAN-2005-2499 (slocate before 2.7 does not properly process very long paths,
which ...)
- slocate (unfixed; bug #324951; low)
CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier
(PEAR ...)
- - drupal (unfixed; bug #323347; high)
+ - drupal 4.5.5-1 (bug #323347; high)
- phpgroupware (unfixed; bug #323349; high)
- egroupware (unfixed; bug #323350; high)
TODO: phpwiki has disabled the XMLRPC in the last upload, it orphaned as well,
should be fixed anyway
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-08-29 07:40:19 UTC (rev 1712)
+++ data/DSA/list 2005-08-29 14:26:03 UTC (rev 1713)
@@ -1,3 +1,7 @@
+[29 Aug 2005] DSA-788-1 kismet - several
+ {CAN-2005-2626 CAN-2005-2627}
+ - kismet 2005.08.R1-1 (medium)
+ NOTE: not fixed in testing at time of DSA (glibc transition)
[26 Aug 2005] DSA-787-1 backup-manager - insecure permissions and tempfile
{CAN-2005-1855 CAN-2005-1856}
- backup-manager 0.5.8-2 (medium)