Author: jmm-guest Date: 2005-09-06 09:13:07 +0000 (Tue, 06 Sep 2005) New Revision: 1825 Modified: data/CAN/list Log: insecure mldonkey perms fixed requested two CVE assignments for kernel issues Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-06 07:54:13 UTC (rev 1824) +++ data/CAN/list 2005-09-06 09:13:07 UTC (rev 1825) @@ -166,8 +166,10 @@ - courier 0.47-8 (medium; bug #325631) CAN-2005-XXXX [xattr sharing bug in kernel''s ext3 code] - kernel-source-2.4.27 2.4.27-11 (medium) + NOTE: CVE assignment requested NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html CAN-2005-XXXX [Remote DoS when using ipt_recent on 64 bit systems] + NOTE: CVE assignment requested - kernel-source-2.4.27 2.4.27-11 (bug #322237; medium) CAN-2005-XXXX [polygen doesn''t honor umask when creating grm.o files] NOTE: Fix in -8 had problems @@ -1030,7 +1032,7 @@ CAN-2005-XXXX [Does not do escaping in mysql version - both a worrying flaw and stops adduser working] - dbmail (unfixed; bug #303991; medium) CAN-2005-XXXX [downloads.ini writable by group users, world-readable] - - mldonkey-server (unfixed; bug #300560; low) + - mldonkey 2.5.28.1-1 (bug #300560; low) CAN-2005-XXXX [Should include "UNRESTRICTED access to your computer" warning somewhere] - gcjwebplugin (unfixed; bug #267040; high) CAN-2005-XXXX [Inconsistent escaping of user supplied data in dbauthpgsql.c]