Author: joeyh
Date: 2005-08-31 21:18:45 +0000 (Wed, 31 Aug 2005)
New Revision: 1752
Modified:
data/CAN/list
data/DSA/list
Log:
new DSA, and update on CAN-2004-0718 CAN-2005-1937 for moz
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-08-31 19:03:01 UTC (rev 1751)
+++ data/CAN/list 2005-08-31 21:18:45 UTC (rev 1752)
@@ -11848,7 +11848,8 @@
NOTE: This has been fixed in mozilla-firefox 0.8 and mozilla 1.6, but recent
NOTE: upstream versions became vulnerable again, see
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=296850
- - mozilla (unfixed; medium)
+ NOTE: and were fixed again, it got CAN-2005-1937 for the reversion
+ - mozilla 1.6 (medium)
- mozilla-firefox 1.0.4-3 (medium)
CAN-2004-0717 (Opera 7.51 for Windows and 7.50 for Linux does not properly
prevent a ...)
NOTE: not-for-us (opera 7.50)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-08-31 19:03:01 UTC (rev 1751)
+++ data/DSA/list 2005-08-31 21:18:45 UTC (rev 1752)
@@ -1,3 +1,7 @@
+[31 Aug 2005] DSA-792-1 pstotext - missing input sanitising
+ {CAN-2005-2536}
+ - pstotext 1.9-2 (medium)
+ NOTE: not fixed in testing at time of DSA (glibc transition, builds)
[30 Aug 2005] DSA-791-1 maildrop - missing privilege release
{CAN-2005-2655}
- maildrop 1.5.3-2 (medium)