Author: micah
Date: 2005-09-29 15:50:01 +0000 (Thu, 29 Sep 2005)
New Revision: 2229
Modified:
data/CAN/list
data/DSA/list
Log:
DSA-833-1, DSA-822-1, rkhunter, and twiki waiting for bugnum
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-29 15:14:49 UTC (rev 2228)
+++ data/CAN/list 2005-09-29 15:50:01 UTC (rev 2229)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [rkhunter: Insecure temporary file]
+ - rkhunter 1.2.7-14 (bug #330627; medium)
CAN-2005-XXXX [fprobe-ng: Insecure default hash]
- fprobe-ng <unfixed> (bug #322699; low)
CAN-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to
...)
@@ -125,7 +127,8 @@
RESERVED
CAN-2005-3057
RESERVED
-CAN-2005-3056
+CAN-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution
]
+ - twiki <unfixed> (bug #; high
RESERVED
CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a
denial ...)
- linux-2.6 <unfixed> (bug #330343; bug #330287; medium)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-29 15:14:49 UTC (rev 2228)
+++ data/DSA/list 2005-09-29 15:50:01 UTC (rev 2229)
@@ -1,3 +1,11 @@
+[29 Sep 2005] DSA-823-1 util-linux - privilege escalation
+ { CAN-2005-2876 }
+ - 2.12p-4sarge1 (high)
+ NOTE: not fixed in testing at time of DSA
+[29 Sep 2005] DSA-822-1 gtkdiskfree - insecure temporary file creation
+ { CAN-2005-2918 }
+ - 1.9.3-4sarge1 (medium)
+ NOTE: not fixed even in unstable at time of DSA
[29 Sep 2005] DSA-824-1 clamav - infinite loop, buffer overflow
{ CAN-2005-2919 CAN-2005-2920 }
- 0.84-2.sarge.4 (high)