Author: jmm-guest
Date: 2005-09-23 22:55:25 +0000 (Fri, 23 Sep 2005)
New Revision: 2141
Modified:
data/CAN/list
Log:
switch to <not-affected>
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-23 22:51:00 UTC (rev 2140)
+++ data/CAN/list 2005-09-23 22:55:25 UTC (rev 2141)
@@ -516,7 +516,7 @@
CAN-2005-2808 (frox 0.7.16 and 0.7.17 does not properly parse certain Deny
ACLs, ...)
- frox 0.7.18-1 (medium)
CAN-2005-2807 (frox 0.7.18, when running setuid root, does not properly drop
...)
- - frox not-affected (does not run setuid root in the Debian package)
+ - frox <not-affected> (does not run setuid root in the Debian package)
CAN-2005-2806 (client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier
allows ...)
NOTE: not-for-us (BNBT EasyTracker)
CAN-2005-2805 (forum_post.php in e107 0.6 allows remote attackers to post to
...)
@@ -1255,13 +1255,13 @@
CAN-2005-2574 (xmb.php in XMB Forum 1.9.1 extracts and defines all provided
...)
NOTE: not-for-us (XMB Forum)
CAN-2005-2573 (The mysql_create_function function in sql_udf.cc for MySQL 4.0
before ...)
- - mysql not-affected (Windows specific mysql holes)
- - mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
- - mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
+ - mysql <not-affected> (Windows specific mysql holes)
+ - mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
+ - mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
CAN-2005-2572 (MySQL, when running on Windows, allows remote authenticated
users with ...)
- - mysql not-affected (Windows specific mysql holes)
- - mysql-dfsg-4.1 not-affected (Windows specific mysql holes)
- - mysql-dfsg-5.0 not-affected (Windows specific mysql holes)
+ - mysql <not-affected> (Windows specific mysql holes)
+ - mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
+ - mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
CAN-2005-2571 (FunkBoard 0.66CF, and possibly earlier versions, does not
properly ...)
NOTE: not-for-us (FunkBoard)
CAN-2005-2570 (FunkBoard 0.66CF, and possibly earlier versions, allows remote
...)
@@ -6409,7 +6409,7 @@
CAN-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files
by ...)
NOTE: not-for-us (Musicqueue)
CAN-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red
Hat ...)
- - apache2 not-affected (Red Hat specific default config)
+ - apache2 <not-affected> (Red Hat specific default config)
CAN-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote
attackers to ...)
NOTE: not-for-us (sh-httpd)
CAN-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong
Guestbook ...)
@@ -9359,7 +9359,7 @@
TODO: check heimdal, netkit-telnet-ssl
- krb4 <unfixed> (low)
- krb5 <unfixed> (low)
- - netkit-telnet not-affected (netkit-telnet is not affected)
+ - netkit-telnet <not-affected> (netkit-telnet is not affected)
CAN-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913
allows ...)
NOTE: This is not a real security issue; it just describes the fact that the
Gecko
NOTE: engine of the Mozillae may be lead into a crash if you feed it with
large chunks
@@ -9767,7 +9767,7 @@
NOTE: fix between 2.6.11 and 2.6.12, see
NOTE:
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1e01441051dda3bb01c455b6e20bce6d00563d82"
- kernel-source-2.6.8 <unfixed> (bug #295949; high)
- - linux-2.6 not-affected
+ - linux-2.6 <not-affected>
CAN-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl
before ...)
{DSA-696-1}
- perl 5.8.4-7
@@ -9870,7 +9870,7 @@
NOTE: On woody, kmail is part of kdenetwork, but there is no GnuPG
NOTE: support, so this issue is not very important.
CAN-2005-0403 (init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat
...)
- - glibc not-affected (Specific to the NPTL backport for RHEL 3)
+ - glibc <not-affected> (Specific to the NPTL backport for RHEL 3)
CAN-2005-0402 (Firefox before 1.0.2 allows remote attackers to execute
arbitrary code ...)
- mozilla-firefox 1.0.2-1
CAN-2005-0401 (FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently
address all ...)