Author: joeyh
Date: 2005-09-13 18:59:57 +0000 (Tue, 13 Sep 2005)
New Revision: 1961
Modified:
data/CAN/list
data/DSA/list
Log:
munge version numbers for php4 dtsa
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-13 18:58:35 UTC (rev 1960)
+++ data/CAN/list 2005-09-13 18:59:57 UTC (rev 1961)
@@ -1212,7 +1212,7 @@
- phpgroupware 0.9.16.008-1 (bug #323349; high)
- egroupware 1.0.0.009.dfsg-1 (bug #323350; high)
TODO: phpwiki has disabled the XMLRPC in the last upload, it orphaned as well,
should be fixed anyway
- - php4 4:4.3.10-16 (bug #323366; high)
+ - php4 4.3.10-16etch1 (bug #323366; high)
TODO: check php5
CAN-2005-2497
NOTE: reserved
@@ -4104,7 +4104,7 @@
- egroupware 1.0.0.007-3.dfsg-1 (high)
- phpwiki 1.3.7-4 (high)
NOTE: ewiki does not seem vulnerable (no eval, different code base)
- - php4 4:4.4.0-1 (high)
+ - php4 4.3.10-16etch1 (high)
NOTE: horde3 is not affected by this issue, they ship different XMLRPC code
CAN-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x
through ...)
{DSA-804-1}
@@ -4493,7 +4493,7 @@
{DSA-789-1 DTSA-16-1}
- shtool 2.0.1-2 (low)
- mysql-ocaml 1.0.3-6 (low)
- - php4 4:4.4.0-1 (low)
+ - php4 4.3.10-16etch1 (low)
NOTE: the patch applied to NMU #311206 fixes both CAN-2005-1759 and
CAN-2005-1751
CAN-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file
systems ...)
NOTE: This looks like a minor issue, the paper is from Feb 2004, check whether
this still applies
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-13 18:58:35 UTC (rev 1960)
+++ data/DSA/list 2005-09-13 18:59:57 UTC (rev 1961)
@@ -93,7 +93,7 @@
NOTE: fixed in testing at time of DSA
[29 Aug 2005] DSA-789-1 php4 - several
{CAN-2005-1751 CAN-2005-1921 CAN-2005-2498}
- - php4 4:4.4.0-2 (high)
+ - php4 4.3.10-16etch1 (high)
NOTE: not fixed in testing at time of DSA (not uploaded yet)
[29 Aug 2005] DSA-788-1 kismet - several
{CAN-2005-2626 CAN-2005-2627}