Author: jmm-guest Date: 2005-09-29 14:06:27 +0000 (Thu, 29 Sep 2005) New Revision: 2227 Modified: data/CAN/list Log: bugnums + fprobe-ng issue from the BTS Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-29 13:41:01 UTC (rev 2226) +++ data/CAN/list 2005-09-29 14:06:27 UTC (rev 2227) @@ -1,3 +1,5 @@ +CAN-2005-XXXX [fprobe-ng: Insecure default hash] + - fprobe-ng <unfixed> (bug #322699; low) CAN-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to ...) NOT-FOR-US: Movable Type CAN-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 ...) @@ -26,9 +28,9 @@ CAN-2005-3092 (Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 ...) NOT-FOR-US: Image-Line Software FL Studio CAN-2005-3091 (Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 ...) - - mantis <unfixed> (bug filed; unknown) + - mantis <unfixed> (bug #330682; unknown) CAN-2005-3090 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php ...) - - mantis <unfixed> (bug filed; unknown) + - mantis <unfixed> (bug #330682; unknown) CAN-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service (crash) ...) TODO: file a bug, it''s not really clear, whether this has security implications CAN-2005-3088 @@ -3526,7 +3528,7 @@ - ia32-libs <unfixed> (bug #317971; medium) NOTE: dar-static claimed not used on untrusted input by maintainer in #317989 - bacula 1.36.3-2 (medium) - - sash 3.7-6 (medium) + - sash 3.7-6 (bug #318246; medium) - libphysfs-1.0-0 1.0.0-5 (medium) - oops <unfixed> (bug #318097; medium) - rpm 4.0.4-31.1 (bug #318099; medium)