Author: jmm-guest
Date: 2005-09-29 15:59:21 +0000 (Thu, 29 Sep 2005)
New Revision: 2230
Modified:
data/CAN/list
Log:
eric, thunderbird, gtkdiskfree and cpio fixed
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-09-29 15:50:01 UTC (rev 2229)
+++ data/CAN/list 2005-09-29 15:59:21 UTC (rev 2230)
@@ -85,7 +85,7 @@
CAN-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to
...)
- hylafax 1:4.2.2+rc1 (bug #329384; low)
CAN-2005-3068 (Unspecified vulnerability in Eric Integrated Development
Environment ...)
- - eric <unfixed> (bug #330608; unknown)
+ - eric 3.7.2-1 (bug #330608; unknown)
CAN-2005-3067 (Cross-site scripting (XSS) vulnerability in perldiver.cgi in
PerlDiver ...)
NOT-FOR-US: PerlDiver
CAN-2005-3066 (Cross-site scripting (XSS) vulnerability in perldiver.pl in
PerlDiver ...)
@@ -128,7 +128,7 @@
CAN-2005-3057
RESERVED
CAN-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution
]
- - twiki <unfixed> (bug #; high
+ - twiki <unfixed> (bug #; high)
RESERVED
CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a
denial ...)
- linux-2.6 <unfixed> (bug #330343; bug #330287; medium)
@@ -336,7 +336,7 @@
CAN-2005-2968 (Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute
arbitrary ...)
- mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper
script)
- mozilla <not-affected> (Debian ships a non-vulnerable wrapper script)
- - mozilla-thunderbird <unfixed> (bug #329667; bug #329664; high)
+ - mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high)
CAN-2005-2967
RESERVED
CAN-2005-2966
@@ -532,7 +532,7 @@
{DTSA-19-1}
- clamav 0.87-1 (bug #328660; medium)
CAN-2005-2918 (The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and
...)
- - gtkdiskfree (bug #328566; low)
+ - gtkdiskfree 1.9.3-4sarge1 (bug #328566; low)
CAN-2005-3044 (Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow
local ...)
TODO: Pinged Horms for 2.4
- linux-2.6 2.6.12-7 (medium)
@@ -883,7 +883,7 @@
RESERVED
CAN-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer
10 ...)
NOTE: see http://www.open-security.org/advisories/13
- - helix-player <unfixed> (bug #330364; high)
+ - helix-player 1.0.6-1 (bug #330364; high)
CAN-2005-2709
RESERVED
CAN-2005-2708
@@ -7179,7 +7179,7 @@
CAN-2005-1230 (Directory traversal vulnerability in Yawcam 0.2.5 allows remote
...)
NOT-FOR-US: Yawcan
CAN-2005-1229 (Directory traversal vulnerability in cpio 2.6 and earlier
allows ...)
- - cpio <unfixed> (bug #306693; medium)
+ - cpio 2.6-6 (bug #306693; medium)
CAN-2005-1228 (Directory traversal vulnerability in gunzip -N in gzip 1.2.4
through ...)
{DSA-752-1}
- gzip 1.3.5-10
@@ -7582,7 +7582,7 @@
CAN-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing
the ...)
NOT-FOR-US: IBM Websphere
CAN-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to
modify ...)
- - cpio <unfixed> (bug #305372; low)
+ - cpio 2.6-6 (bug #305372; low)
CAN-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente
function in ...)
NOT-FOR-US: Sumus web server
CAN-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows
remote ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
