Author: fw
Date: 2005-10-09 17:10:44 +0000 (Sun, 09 Oct 2005)
New Revision: 2374
Modified:
data/CAN/list
Log:
Resolve a few more TODOs for CANs in old DSAs.
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-10-09 16:53:38 UTC (rev 2373)
+++ data/CAN/list 2005-10-09 17:10:44 UTC (rev 2374)
@@ -11237,7 +11237,7 @@
RESERVED
CAN-2005-0152 (PHP remote code injection vulnerability in Squirrelmail 1.2.6
allows ...)
{DSA-662-1}
- TODO: check
+ NOTE: This bug exists only in version 1.2.6.
CAN-2005-0151 (Unknown vulnerability in the installation of Adobe License
Management ...)
NOT-FOR-US: Adobe License Management Software
CAN-2005-0150 (Firefox before 1.0 allows the user to store a (1) javascript: or
(2) ...)
@@ -11358,6 +11358,7 @@
CAN-2005-0104 (Cross-site scripting (XSS) vulnerability in webmail.php in ...)
{DSA-662-1}
TODO: check
+ - squirrelmail 2:1.4.4
CAN-2005-0103 (PHP remote code injection vulnerability in webmail.php in
SquirrelMail ...)
- squirrelmail 2:1.4.4-1
CAN-2005-0102 (Integer overflow in camel-lock-helper in Evolution 2.0.2 and
earlier ...)
@@ -11395,7 +11396,9 @@
NOTE: apparently specific to redhat hugemem kernel
CAN-2005-0089 (The SimpleXMLRPCServer library module in Python 2.2, 2.3 before
2.3.5, ...)
{DSA-666-1}
- TODO: check
+ - python2.2 2.2.3-14
+ - python2.3 2.3.4+2.3.5c1-2
+ - python2.4 2.4-5
CAN-2005-0088 (The publisher handler for mod_python 2.7.8 and earlier allows
remote ...)
{DSA-689-1}
- libapache2-mod-python 3.1.3-3
@@ -19331,6 +19334,7 @@
CAN-2000-0005 (HP-UX aserver program allows local users to gain privileges via
a ...)
CAN-1999-1572 (cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other
...)
{DSA-664-1}
+ - cpio 2.5-1.2 (bug #293379)
CAN-1999-1571 (Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5
may ...)
CAN-1999-1570 (Buffer overflow in sar for OpenServer 5.0.5 allows local users
to gain ...)
CAN-1999-1569 (Quake 1 and NetQuake servers allow remote attackers to cause a
denial ...)