Author: fw Date: 2005-10-03 11:00:32 +0000 (Mon, 03 Oct 2005) New Revision: 2285 Modified: data/CAN/list data/CVE/list Log: Assign bug number to the bugzilla issue. rxvt issue is already a CVE entry, not nust a CAN. Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-10-03 10:09:44 UTC (rev 2284) +++ data/CAN/list 2005-10-03 11:00:32 UTC (rev 2285) @@ -2,8 +2,6 @@ - htdig <unfixed> (bug #305996; unknown) CAN-2005-XXXX [clamav''s VERSION command does not return the currently loaded version] - clamav <unfixed> (bug #323803; low) -CAN-2003-0066 [rxvt: Arbitatrary command execution through escape sequences] - - rxvt 1:2.6.4-6.1 (bug #244810) CAN-2005-XXXX [smbmount doesn''t honor gid/uid with kernel 2.4] - kernel-source-2.4.27 <unfixed> (bug #310982) CAN-2004-XXXX [Minor dialog box origin spoofing vulnerability in Konqueror] @@ -56,7 +54,7 @@ CAN-2005-XXXX [DoS triggering endless loops in findutils -follow option] - findutils 4.2.22-1 (bug #313081) CAN-2005-XXXX [Two information disclosure vulnerabilities in Bugzilla] - - bugzilla <unfixed> (bug filed; medium) + - bugzilla <unfixed> (bug #331206; medium) CAN-2005-2966 [Arbitrary code execution in import of SVG files in dia] RESERVED - dia 0.94.0-15 (bug #330890; medium) Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-10-03 10:09:44 UTC (rev 2284) +++ data/CVE/list 2005-10-03 11:00:32 UTC (rev 2285) @@ -272,9 +272,9 @@ NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was NOTE: never vulnerable to the problem described. NOTE: this CVE is bogus. -CVE-2003-0066 - - RXVT 1:2.6.4-6.1 - NOTE: woody version are still vulnerable (bug #244810). +CVE-2003-0066 (rxvt: Arbitatrary command execution through escape sequences) + - rxvt 1:2.6.4-6.1 (bug #244810) + NOTE: woody version is still vulnerable CVE-2003-0065 NOTE: not-for-us (uxterm not in Debian) CVE-2003-0064