Author: joeyh
Date: 2005-09-24 16:28:39 +0000 (Sat, 24 Sep 2005)
New Revision: 2158
Modified:
data/DSA/list
Log:
get rid of old ! thing that was used to indicate an unfixed issue back
before we had scripts to list them
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-24 16:22:59 UTC (rev 2157)
+++ data/DSA/list 2005-09-24 16:28:39 UTC (rev 2158)
@@ -1124,20 +1124,20 @@
- libapache-mod-ssl 2.8.19-1
[20 Jul 2004] DSA-531 php4 - several vulnerabilities
{CAN-2004-0594 CAN-2004-0595}
- ! php4 4:4.3.8-1
+ - php4 4:4.3.8-1
[17 Jul 2004] DSA-530 l2tpd - buffer overflow
{CAN-2004-0649}
- l2tpd 0.70-pre20031121-2
[17 Jul 2004] DSA-529 netkit-telnet-ssl - format string
{CAN-2004-0640}
- ! netkit-telnet-ssl 0.17.24+0.1-2
+ - netkit-telnet-ssl 0.17.24+0.1-2
[17 Jul 2004] DSA-528 ethereal - denial of service
{CAN-2004-0635}
- ethereal 0.10.5-1
[03 Jul 2004] DSA-527 pavuk - buffer overflow
{CAN-2004-0456}
NOTE: DSA is incorrect; pavuk is in sarge and unstable.
- ! pavuk 0.9pl28-3
+ - pavuk 0.9pl28-3
[03 Jul 2004] DSA-526 webmin - several vulnerabilities
{CAN-2004-0582 CAN-2004-0583}
- webmin 1.150-1
@@ -1173,7 +1173,7 @@
- postgresql 07.03.0200-3.
[05 Jun 2004] DSA-515 lha - several vulnerabilities
{CAN-2004-0234 CAN-2004-0235}
- ! lha 1.14i-8
+ - lha 1.14i-8
NOTE: If 1.14i-8 cannot get into testing, the fix for 1.14i-2.0.1
NOTE: from the DSA could to updated via t-p-u.
[04 Jun 2004] DSA-514 kernel-image-sparc-2.2 - failing function and TLB flush
@@ -1182,7 +1182,7 @@
NOTE: did not check other versions of the kernel
[03 Jun 2004] DSA-513 log2mail - format string
{CAN-2004-0450}
- ! log2mail 0.2.8-3
+ - log2mail 0.2.8-3
[02 Jun 2004] DSA-512 gallery - unauthenticated access
{CAN-2004-0522}
- gallery 1.4.3-pl2-1
@@ -1389,7 +1389,7 @@
- pwlib 1.5.2-4
[22 Feb 2004] DSA-447 hsftp - format string
{CAN-2004-0159}
- ! hsftp 1.15-1
+ - hsftp 1.15-1
[21 Feb 2004] DSA-446 synaesthesia - insecure file creation
{CAN-2004-0160}
NOTE: DSA notes not setuid anymore so ok
@@ -1554,7 +1554,7 @@
- thttpd 2.23beta1-2.3
[15 Oct 2003] DSA-395 tomcat4 - incorrect input handling
{CAN-2003-0866}
- ! tomcat4 4.1.24-2
+ - tomcat4 4.1.24-2
NOTE: another RC (unreproducible?) bug and missing deps (#263201)
NOTE: are keeping the fix out of testing
[11 Oct 2003] DSA-394 openssl095 - ASN.1 parsing vulnerability
@@ -1748,7 +1748,7 @@
- proftpd 1.2.8-8
[29 Jun 2003] DSA-337 gtksee - buffer overflow
{CAN-2003-0444}
- ! gtksee 0.5.6-1
+ - gtksee 0.5.6-1
[29 Jun 2003] DSA-336 linux-kernel-2.2.20 - several vulnerabilities
{CAN-2002-1380 CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0364
CAN-2003-0246 CAN-2003-0244 CAN-2003-0247 CAN-2003-0248}
- kernel-source-2.2.25 2.2.25-3
@@ -2109,7 +2109,7 @@
- xpdf 2.01-2
[09 Jan 2003] DSA-225 tomcat4 - source disclosure
{CAN-2002-1394}
- ! tomcat4 4.1.16-1
+ - tomcat4 4.1.16-1
NOTE: another RC (unreproducible?) bug and missing deps (#263201)
NOTE: are keeping the fix out of testing
NOTE: this is the second unfixed security hole in tomcat4 in testing..
@@ -2292,7 +2292,7 @@
NOTE: fetchmail-ssl not in testing, fixed in unstable (fetchmail-ssl 6.1.0-1)
[04 Oct 2002] DSA-170 tomcat4 - source code disclosure
{CAN-2002-1148}
- ! tomcat4 4.1.12-1
+ - tomcat4 4.1.12-1
NOTE: only 4.0.4-4 in testing (which seems to be vulnerable)
[25 Sep 2002] DSA-169 htcheck - cross site scripting
{CAN-2002-1195}