Author: fw
Date: 2005-09-19 09:07:31 +0000 (Mon, 19 Sep 2005)
New Revision: 2042
Modified:
data/CAN/list
Log:
More data from bugs-dist.
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-18 13:18:33 UTC (rev 2041)
+++ data/CAN/list 2005-09-19 09:07:31 UTC (rev 2042)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [insecure temporary file handling in arc]
+ - arc (unfixed; bug #329053; low)
+CAN-2005-XXXX [insecure temporary file handling in ncompress]
+ - ncompress (unfixed; bug #329052; low)
CAN-2005-2917 [DoS vulnerability in squid''s NMTL auth code]
- squid 2.5.10-6 (unknown)
CAN-2005-XXXX [user password file created by gajim is world-redable]
@@ -29,7 +33,7 @@
NOTE: proactively fixed by the robustness patch
- twiki 20040902-2
CAN-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2
allows ...)
- - util-linux (unfixed; bug #328141; medium)
+ - util-linux (unfixed; bug #328141; bug #329063; medium)
- loop-aes-utils 2.12p-9 (bug #328626; medium)
CAN-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code
via ...)
- py2play (unfixed; bug #326976; medium)
@@ -1883,7 +1887,7 @@
- pdns 2.9.18-1 (medium; bug #318798)
CAN-2005-2301 (PowerDNS before 2.9.18, when running with an LDAP backend, does
not ...)
{DSA-771-1}
- - pdns 2.9.18-1 (medium; bug #318798
+ - pdns 2.9.18-1 (medium; bug #318798)
CAN-2005-2300 (Skype 1.1.0.20 and earlier allows local users to overwrite
arbitrary ...)
NOTE: not-for-us (Skype)
CAN-2005-2299 (Multiple cross-site scripting (XSS) vulnerabilities in Simple
Message ...)
@@ -3043,7 +3047,7 @@
- oops (unfixed; bug #318097; medium)
- rpm 4.0.4-31.1 (bug #318099; medium)
- rageircd 2.0.0-3sid1 (medium)
- - systemimager-ssh (unfixed; bug #318101; medium)
+ - systemimager-ssh (unfixed; bug #318101; unimportant)
- texmacs 1:1.0.5-3 (bug #318100; medium)
- zlib 1:1.2.2-7 (medium)
NOTE: fixed in experimental in 1:1.0.5.6-1, not yet in sid