Florian Weimer
2005-Sep-23 08:15 UTC
[Secure-testing-commits] r2119 - in data: CAN CVE DSA packages
Author: fw
Date: 2005-09-23 08:14:51 +0000 (Fri, 23 Sep 2005)
New Revision: 2119
Modified:
data/CAN/list
data/CVE/list
data/DSA/list
data/packages/removed-packages
Log:
Resolve more unknown packages. Leave the kernel packages untouched
because I''m not sure about them.
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-23 07:55:31 UTC (rev 2118)
+++ data/CAN/list 2005-09-23 08:14:51 UTC (rev 2119)
@@ -1257,12 +1257,12 @@
NOTE: not-for-us (XMB Forum)
CAN-2005-2573 (The mysql_create_function function in sql_udf.cc for MySQL 4.0
before ...)
- mysql not-affected (Windows specific mysql holes)
- - mysql-4.1 not-affected (Windows specific mysql holes)
- - mysql-5.0 not-affected (Windows specific mysql holes)
+ - mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
+ - mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
CAN-2005-2572 (MySQL, when running on Windows, allows remote authenticated
users with ...)
- mysql not-affected (Windows specific mysql holes)
- - mysql-4.1 not-affected (Windows specific mysql holes)
- - mysql-5.0 not-affected (Windows specific mysql holes)
+ - mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
+ - mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
CAN-2005-2571 (FunkBoard 0.66CF, and possibly earlier versions, does not
properly ...)
NOTE: not-for-us (FunkBoard)
CAN-2005-2570 (FunkBoard 0.66CF, and possibly earlier versions, allows remote
...)
@@ -11263,7 +11263,7 @@
NOTE: not-for-us (MSIE)
CAN-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for
Namazu ...)
{DSA-627-1}
- - namuzu2 2.0.14
+ - namazu2 2.0.14
CAN-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows
1.1, ...)
NOTE: apparently only affects netcat in windows
CAN-2004-1316 (Heap-based buffer overflow in MSG_UnEscapeSearchUrl in ...)
@@ -11938,7 +11938,7 @@
CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14
and ...)
{DSA-628-1 DSA-618-1}
- imlib 1.9.14-17.1
- - imlib-png2 1.9.14-16.1
+ - imlib+png2 1.9.14-16.1
- imlib2 1.1.2-2.1
CAN-2004-1025 (Multiple heap-based buffer overflows in imlib 1.9.14 and
earlier, ...)
{DSA-618-1}
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-09-23 07:55:31 UTC (rev 2118)
+++ data/CVE/list 2005-09-23 08:14:51 UTC (rev 2119)
@@ -801,7 +801,7 @@
CVE-2002-1153
NOTE: not-for-us (IBM Websphere)
CVE-2002-1152
- - konqeror 3.03
+ - konqueror 3.03
CVE-2002-1151
{DSA-167}
CVE-2002-1148
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-23 07:55:31 UTC (rev 2118)
+++ data/DSA/list 2005-09-23 08:14:51 UTC (rev 2119)
@@ -40,7 +40,7 @@
NOTE: not fixed in testing at time of DSA (too young)
[12 Sep 2005] DSA-808-1 tdiary - design error
{CAN-2005-2411}
- - tdairy 2.0.2-1 (medium)
+ - tdiary 2.0.2-1 (medium)
NOTE: fixed in testing at time of DSA
[12 Sep 2005] DSA-807-1 libapache-mod-ssl - acl restriction bypass
{CAN-2005-2700}
@@ -831,7 +831,7 @@
[24 Dec 2004] DSA-618-1 imlib - buffer overflows, integer overflows
{CAN-2004-1025 CAN-2004-1026}
- imlib 1.9.14-17.1
- - imlib-png2 1.9.14-16.1
+ - imlib+png2 1.9.14-16.1
[24 Dec 2004] DSA-617-1 libtiff - insufficient input validation
{CAN-2004-1308}
- libtiff4 3.6.1-4
@@ -998,7 +998,6 @@
[15 Oct 2004] DSA-567-1 tiff - heap overflows
{CAN-2004-0803 CAN-2004-0804 CAN-2004-0886}
- tiff 3.6.1-2
- - tiff3g 3.6.1-2
[14 Oct 2004] DSA-566-1 cupsys - unsanitised input
{CAN-2004-0923}
- cupsys 1.1.20final+rc1-9
@@ -1062,9 +1061,9 @@
{CAN-2004-0817}
- imlib 1.9.14-17
- imlib+png2 1.9.14-16.2
-[16 Sep 2004] DSA-547-1 imagemagic - buffer overflows
+[16 Sep 2004] DSA-547-1 imagemagick - buffer overflows
{CAN-2004-0827}
- - imagemagic 6.0.6.2-1
+ - imagemagick 6.0.6.2-1
[16 Sep 2004] DSA-546-1 gdk-pixbuf - multiple holes
{CAN-2004-0753 CAN-2004-0782 CAN-2004-0788}
- gdk-pixbuf 0.22.0-7
@@ -1255,7 +1254,7 @@
- logcheck 1.1.1-13.2
[16 Apr 2004] DSA-487 neon - format string
{CAN-2004-0179}
- - newo 0.24.5-1
+ - neon 0.24.5-1
[16 Apr 2004] DSA-486 cvs - several vulnerabilities
{CAN-2004-0180 CAN-2004-0405}
- cvs 1:1.12.5-4
@@ -1860,10 +1859,10 @@
- libgtop 1.0.13-4
[06 May 2003] DSA-300 balsa - buffer overflow
{CAN-2003-0167}
- - balse 2.0.10
+ - balsa 2.0.10
[06 May 2003] DSA-299 leksbot - improper setuid-root execution
{CAN-2003-0262}
- - lexbot 1.2-5
+ - leksbot 1.2-5
[02 May 2003] DSA-298 epic4 - buffer overflows
{CAN-2003-0323}
- epic4 1:1.1.11.20030409-1
@@ -2206,7 +2205,7 @@
- masqmail 0.2.15-1
[11 Nov 2002] DSA-193 kdenetwork - buffer overflow
{CAN-2002-1247}
- - kdenetwok 2.2.2-14.3
+ - kdenetwork 2.2.2-14.3
[08 Nov 2002] DSA-192 html2ps - arbitrary code execution
{CAN-2002-1275}
- html2ps 1.0b3-2
Modified: data/packages/removed-packages
==================================================================---
data/packages/removed-packages 2005-09-23 07:55:31 UTC (rev 2118)
+++ data/packages/removed-packages 2005-09-23 08:14:51 UTC (rev 2119)
@@ -1,5 +1,6 @@
# This file lists packages which are no longer present in the Debian
# archive, one per line.
+netjuke
openwebmail
xerces24