Author: joeyh
Date: 2005-09-01 21:14:16 +0000 (Thu, 01 Sep 2005)
New Revision: 1777
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-01 20:48:13 UTC (rev 1776)
+++ data/CAN/list 2005-09-01 21:14:16 UTC (rev 1777)
@@ -10,6 +10,7 @@
CAN-2005-XXXX [Insecure symlink handling in smb4k]
- smb4k 0.6.3-1 (medium)
CAN-2005-2724 [courier XSS vulnerabiliy]
+ {DSA-793-1}
- courier 0.47-8 (medium; bug #325631)
CAN-2005-XXXX [xattr sharing bug in kernel''s ext3 code]
- kernel-source-2.4.27 2.4.27-11 (medium)
@@ -735,7 +736,7 @@
CAN-2005-2551 (Buffer overflow in dhost.exe in iMonitor for Novell eDirectory
8.7.3 ...)
NOTE: not-for-us (Novell eDirectory)
CAN-2005-2547 (security.c in hcid for BlueZ 2.18 and earlier allows remote
attackers ...)
- {DSA-782-1}
+ {DSA-782-1 DTSA-9-1}
- bluez-utils 2.19-0.1etch1 (bug #323365; medium)
CAN-2005-2546 (Arab Portal 2.0 allows remote attackers to obtain sensitive ...)
NOTE: not-for-us (Arab Portal)
@@ -857,6 +858,7 @@
CAN-2005-2492
NOTE: reserved
CAN-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular
...)
+ {DTSA-10-1}
- pcre3 6.3-0.1etch1 (bug #324531; medium)
TODO: gnumeric seems to embed a copy of PCRE, check
- python2.1 2.1.3dfsg-3 (medium)
@@ -1678,49 +1680,49 @@
CAN-2005-2271 (iCab 2.9.8 does not clearly associate a Javascript dialog box
with the ...)
NOTE: not-for-us (iCab)
CAN-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly
clone ...)
- {DSA-781-1 DSA-779-1}
+ {DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (high)
- mozilla 2:1.7.10-1 (high)
- mozilla-thunderbird 1.0.6-1 (high)
CAN-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2
does ...)
- {DSA-781-1 DSA-779-1}
+ {DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (high)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2268 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly
...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2005-2267 (Firefox before 1.0.5 allows remote attackers to steal
information and ...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
CAN-2005-2266 (Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child
frame to ...)
- {DSA-781-1 DSA-779-1}
+ {DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (low)
CAN-2005-2265 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2
and 7.2 ...)
- {DSA-781-1 DSA-779-1}
+ {DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (high)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2264 (Firefox before 1.0.5 allows remote attackers to steal sensitive
...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
CAN-2005-2263 (The InstallTrigger.install method in Firefox before 1.0.5 and
Mozilla ...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2005-2262 (Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote
attackers ...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
CAN-2005-2261 (Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before
1.7.9, ...)
- {DSA-781-1 DSA-779-1}
+ {DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2260 (The browser user interface in Firefox before 1.0.5, Mozilla
before ...)
- {DSA-779-1}
+ {DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2002-2086 (Multiple cross-site scripting (XSS) vulnerabilities in magicHTML
of ...)
@@ -3682,7 +3684,7 @@
CAN-2005-1938
NOTE: rejected
CAN-2005-1937 (A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows
remote ...)
- {DSA-777-1 DSA-775-1}
+ {DSA-777-1 DSA-775-1 DTSA-8-2 DTSA-7-1}
- mozilla-firefox 1.0.4-2sarge3 (medium)
- mozilla 2:1.7.8-1sarge1 (medium)
CAN-2004-2137 (Outlook Express 6.0, when sending multipart e-mail messages
using the ...)
@@ -11858,7 +11860,7 @@
CAN-2004-0719 (Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows
XP, ...)
NOTE: not-fos-us (Microsoft)
CAN-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4)
...)
- {DSA-777-1 DSA-775-1}
+ {DSA-777-1 DSA-775-1 DTSA-8-2 DTSA-7-1}
NOTE: This has been fixed in mozilla-firefox 0.8 and mozilla 1.6, but recent
NOTE: upstream versions became vulnerable again, see
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=296850