Author: jmm-guest Date: 2005-10-06 12:45:06 +0000 (Thu, 06 Oct 2005) New Revision: 2328 Modified: data/CAN/list Log: new issues in weex and storebackup (already fixed in testing) Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-10-06 12:20:31 UTC (rev 2327) +++ data/CAN/list 2005-10-06 12:45:06 UTC (rev 2328) @@ -54,21 +54,23 @@ NOT-FOR-US: CubeCart CAN-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows ...) - blender <unfixed> (bug #332313; low) -begin claimed by jmm CAN-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...) - TODO: check + - weex <unfixed> (bug filed; medium) CAN-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly ...) - uim <unfixed> (bug #331620; medium) CAN-2005-3148 (StoreBackup before 1.19 in SUSE Linux does not properly set the uid ...) - TODO: check + - storebackup 1.19-1 (bug filed) + NOTE: Bug filed for stable, fixed in testing/sid CAN-2005-3147 (StoreBackup before 1.19 in SUSE Linux creates the backup root with ...) - TODO: check + - storebackup 1.19-1 (bug filed; medium) + NOTE: Bug filed for stable, fixed in testing/sid CAN-2005-3146 (StoreBackup before 1.19 in SUSE Linux allows local users to perform ...) - TODO: check + - storebackup 1.19-1 (bug filed; medium) + NOTE: Bug filed for stable, fixed in testing/sid CAN-2005-3145 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Standard Based Linux Instrumentation CAN-2005-3144 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Standard Based Linux Instrumentation CAN-2005-3143 (Unspecified vulnerability in the Mailbox Server for 4D WebStar before ...) NOT-FOR-US: Mailbox Server for 4D WebStar CAN-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and ...) @@ -76,13 +78,14 @@ CAN-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a ...) NOT-FOR-US: Trillian CAN-2005-3140 (Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions ...) - TODO: check + NOT-FOR-US: Procom NetFORCE +begin claimed by jmm CAN-2005-3137 (The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow ...) TODO: check CAN-2005-3136 (Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and ...) TODO: check CAN-2005-3135 (Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows ...) - TODO: check + NOT-FOR-US: Virtools Web Player CAN-2005-3134 (Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote ...) TODO: check CAN-2005-3133 (Multiple directory traversal vulnerabilities in MERAK Mail Server ...)