Author: jmm-guest Date: 2005-09-27 21:19:10 +0000 (Tue, 27 Sep 2005) New Revision: 2203 Modified: data/CAN/list Log: restore provisional helix title (if provisionary titles are written in round brackets, they''ll be wiped off by the update) more bugnums Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-27 21:14:17 UTC (rev 2202) +++ data/CAN/list 2005-09-27 21:19:10 UTC (rev 2203) @@ -4,7 +4,7 @@ CAN-1999-XXXX [Insecure access control on GNU Mach''s IO ports] - gnumach <unfixed> (bug #46709) NOTE: Nearly six years old :-) -CAN-2005-XXXX +CAN-2005-XXXX [Helix player format string vulnerability] NOTE: see http://www.open-security.org/advisories/13 - helix-player <unfixed> (bug #330364; high) CAN-2005-3060 @@ -18,7 +18,7 @@ CAN-2005-3056 RESERVED CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial ...) - - linux-2.6 <unfixed> (bug #330343; medium) + - linux-2.6 <unfixed> (bug #330343; bug #330287; medium) CAN-2005-3054 (fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not ...) - php4 <unfixed> (bug #353585; medium) - php5 <unfixed> (bug #353585; medium) @@ -11334,7 +11334,7 @@ CAN-2004-1298 (Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows ...) NOT-FOR-US: vb2c CAN-2004-1297 (Buffer overflow in the process_font_table function in convert.c for ...) - - unrtf 0.19.3-1.1 + - unrtf 0.19.3-1.1 (bug #287038) CAN-2004-1296 (The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow ...) - groff 1.18.1.1-5 CAN-2004-1295 (The slip_down function in slip.c for the uml_net program in ...) @@ -12527,8 +12527,8 @@ NOTE: All 2.4 and 2.6 kernels verify the TCP sequence numbering when errors occur NOTE: Kernel will never abort due to an ICMP packet CAN-2004-0790 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...) - - kernel-source-2.6.8 2.6.8-16 - - kernel-source-2.4.27 2.4.27-10 + - kernel-source-2.6.8 2.6.8-16 (bug #305664) + - kernel-source-2.4.27 2.4.27-10 (bug #305664) CAN-2004-0789 (Multiple implementations of the DNS protocol, including (1) Poslib ...) TODO: check CAN-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf before ...)