/[secure-testing]/data/DSA/list

Diff of /data/DSA/list

Parent Directory | Revision Log | View Patch Patch

-sarge-checks/DSA/list
revision 221 by joeyh,
Fri Dec 31 17:07:58 2004 UTC
+data/DSA/list
revision 1434 by jmm-guest,
Tue Jul 19 08:01:18 2005 UTC
 Line 1
+ [19 Jul 2005] DSA-761-1 heartbeat - insecure temporary files
+         {CAN-2005-2231}
+         - heartbeat 1.2.3-12
+         NOTE: not fixed in testing at time of DSA (only 0/2 days old)
+ [18 Jul 2005] DSA-760-1 ekg - several
+         {CAN-2005-1850 CAN-2005-1851 CAN-2005-1916}
+         - ekg 1.5+20050712+1.6rc2-1 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies, not built on five archs)
+ [18 Jul 2005] DSA-759-1 phppgadmin - missing input sanitising
+         {CAN-2005-2256}
+         - phppgadmin 3.5.4-1 (medium)
+         NOTE: not fixed in testing at time of DSA (only 0/10 days old)
+ [18 Jul 2005] DSA-758-1 heimdal - buffer overflow
+         {CAN-2005-2040}
+         - heimdal 0.6.3-11 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [17 Jul 2005] DSA-757-1 krb5 - buffer overflow, double-free memory
+         {CAN-2005-1689 CAN-2005-1174 CAN-2005-1175}
+         - krb5 1.3.6-4 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies, not built on m68k)
+ [14 Jul 2005] DSA-746-1 phpgroupware - remote command execution
+         {CAN-2005-1921}
+         - phpgroupware 0.9.16.006-1 (high)
+         NOTE: fixed in testing at time of DSA
+ [13 Jul 2005] DSA-756-1 squirrelmail - several
+         {CAN-2005-1769 CAN-2005-2095}
+         - squirrelmail 2:1.4.4-6 (medium)
+         NOTE: not fixed in testing at time of DSA (only 0/2 days old)
+ [13 Jul 2005] DSA-755-1 tiff - buffer overflow
+         {CAN-2005-1544}
+         - tiff 3.7.2-3 (medium)
+         NOTE: fixed in testing at time of DSA
+ [13 Jul 2005] DSA-754-1 centericq - insecure temporary file
+         {CAN-2005-1914}
+         - centericq 4.20.0-7 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [12 Jul 2005] DSA-753-1 gedit - format string
+         {CAN-2005-1686}
+         - gedit 2.10.3-1 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [11 Jul 2005] DSA-752-1 gzip - several
+         {CAN-2005-0988 CAN-2005-1228}
+         - gzip 1.3.5-10
+         NOTE: fixed in testing at time of DSA
+ [11 Jul 2005] DSA-751-1 squid - IP spoofind
+         {CAN-2005-1519}
+         - squid 2.5.9-9
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-748-1 ruby1.8 - bad default value
+         {CAN-2005-1992}
+         - ruby1.8 1.8.2-8 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [11 Jul 2005] DSA-750-1 dhcpcd - out-of-bound memory access
+         {CAN-2005-1848}
+         - dhcpcd 1.3.22pl4-22
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-749-1 ettercap - format string error
+         {CAN-2005-1796}
+         - ettercap 0.7.3-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-747-1 egroupware - input validation error
+         {CAN-2005-1921}
+         - egroupware 1.0.0.007-3.dfsg-1 (high)
+         NOTE: not fixed in testing at time of DSA (only 1/2 days old)
+ [10 Jul 2005] DSA-745-1 drupal - arbitrary command execution
+         {CAN-2005-1921 CAN-2005-2106 CAN-2005-2116}
+         - drupal 4.5.4-1 (high)
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-744-1 fuse - programming error
+         {CAN-2005-1858}
+         - fuse 2.3.0-1
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-743-1 ht - buffer overflows, integer overflows
+         {CAN-2005-1545 CAN-2005-1546}
+         - ht 0.8.0-3
+         NOTE: fixed in testing at time of DSA
+ [09 Jul 2005] DSA-742-1 cvs - buffer overflow
+         {CAN-2005-0753}
+         - cvs 1:1.12.9-13 (high)
+         NOTE: fixed in testing at time of DSA
+ [07 Jul 2005] DSA-741-1 bzip2 - infinite loop
+         {CAN-2005-1260}
+         - bzip2 1.0.2-7 (low)
+         NOTE: fixed in testing at time of DSA
+ [06 Jul 2005] DSA-740-1 zlib - buffer overflow
+         {CAN-2005-2096}
+         - zlib 1.2.2-7 (medium)
+         NOTE: anything statically linking zlib needs rebuild
+         TODO: check rest/coord with Kurt Roeckx
+         - aide (unfixed; bug #317523; medium)
+         NOTE: not fixed in testing at time of DSA (embargoed disclosure)
+ [06 Jul 2005] DSA-739-1 trac - missing input sanitising
+         {CAN-2005-2007}
+         - trac 0.8.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [19 May 2005] DSA-725-2 ppxp - missing privilege release
+         {CAN-2005-0392}
+         - ppxp 0.2001080415-11
+         NOTE: fixed in testing at time of DSA
+ [05 Jul 2005] DSA-738-1 razor - email header parsing error
+         {CAN-2005-2024}
+         - razor 2.720-1 (low)
+         NOTE: not fixed in testing at time of DSA (not built on arm)
+ [05 Jul 2005] DSA-737-1 clamav - various DOS vulnerabilities
+         {CAN-2005-1922 CAN-2005-1923 CAN-2005-2056 CAN-2005-2070}
+         - clamav 0.86.1-1 (medium)
+         NOTE: not fixed in testing at time of DSA (uploaded with low urgency only, one fix missing for sid)
+ [05 Jul 2005] DSA-734-1 gaim - denial of service
+         {CAN-2005-1269 CAN-2005-1934}
+         - gaim 1.3.1-1
+         NOTE: not fixed in testing at time of DSA (not built on sparc)
+ [01 Jul 2005] DSA-736-2 spamassassin - mail header parsing error
+         {CAN-2005-1266}
+         - spamassassin 3.0.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-736-1 spamassassin - mail header parsing error
+         {CAN-2005-1266}
+         - spamassassin 3.0.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-735-2 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-735-2 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-735-1 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: not fixed in testing at time of DSA
+ [30 Jun 2005] DSA-733-1 crip - insecure temporary files
+         {CAN-2005-0393}
+         - crip 3.5-1sarge2 (low)
+         NOTE: not fixed in testing at time of DSA (reserved)
+ [03 Jun 2005] DSA-732-1 mailutils - several
+         {CAN-2005-1520 CAN-2005-1521 CAN-2005-1522 CAN-2005-1523}
+         - mailutils 0.6.1-4
+         NOTE: fixed in testing at time of DSA
+ [02 Jun 2005] DSA-731-1 krb4 - buffer overflows
+         {CAN-2005-0468 CAN-2005-0468}
+         - krb4 1.2.2-11.2
+         NOTE: fixed in testing at time of DSA
+ [27 May 2005] DSA-730-1 bzip2 - race condition
+         {CAN-2005-0953}
+         - bzip2 1.0.2-6
+         NOTE: fixed in testing at time of DSA
+ [26 May 2005] DSA-729-1 php4 - missing input sanitising
+         {CAN-2005-0525}
+         - php4 4.3.10-10
+         NOTE: fixed in testing at time of DSA
+ [25 May 2005] DSA-728-1 qpopper - missing privilege release
+         {CAN-2005-1151 CAN-2005-1152}
+         - qpopper 4.0.5-4sarge1
+         NOTE: fixed in testing at time of DSA by security team
+ [20 May 2005] DSA-727-1 libconvert-uulib-perl - buffer overflow
+         {CAN-2005-1349}
+         - libconvert-uulib-perl 1.0.5.1-1
+         NOTE: fixed in testing at time of DSA
+ [20 May 2005] DSA-726-1 oops - format string vulnerability
+         {CAN-2005-1121}
+         - oops (unfixed; bug #307360)
+         NOTE: not in testing at time of DSA
+ [19 May 2005] DSA-725-1 ppxp - missing privilege release
+         {CAN-2005-0392}
+         - ppxp 0.2001080415-11
+         NOTE: not fixed in testing at time of DSA
+ [18 May 2005] DSA-724-1 phpsysinfo - design flaw
+         {CAN-2005-0870}
+         - phpsysinfo 2.3-3
+         NOTE: fixed in testing at time of DSA
+ [09 May 2005] DSA-723-1 xfree86 - buffer overflow
+         {CAN-2005-0605}
+         - xfree86 4.3.0.dfsg.1-13
+         NOTE: not fixed in testing at time of DSA
+ [09 May 2005] DSA-722-1 smail - buffer overflow
+         {CAN-2005-0892}
+         NOTE: Package not in testing at time of DSA
+ [06 May 2005] DSA-721-1 squid - design flaw
+         {CAN-2005-1345}
+         - squid 2.5.9-7
+         NOTE: not fixed in testing at time of DSA
+ [03 May 2005] DSA-720-1 smartlist - wrong input processing
+         {CAN-2005-0157}
+         - smartlist 3.15-18
+         NOTE: fixed in testing at time of DSA
+ [28 Apr 2005] DSA-719-1 prozilla - format string problems
+         {CAN-2005-0523}
+         - prozilla 1:1.3.7.4-1
+         NOTE: fixed in testing at time of DSA
+ [28 Apr 2005] DSA-718-1 ethereal - buffer overflow
+         {CAN-2005-0739}
+         - ethereal 0.10.10-1
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-717-1 lsh-utils - buffer overflow, typo
+         {CAN-2003-0826 CAN-2005-0814}
+         - lsh-utils 2.0.1-2
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-716-1 gaim - denial of service
+         {CAN-2005-0472}
+         - gaim 1.1.3-1
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-715-1 cvs - several
+         {CAN-2004-1342 CAN-2004-1343}
+         - cvs 1.12.9-12
+         NOTE: not fixed in testing at time of DSA
+ [26 Apr 2005] DSA-714-1 kdelibs - several
+         {CAN-2005-1046}
+         - kdelibs 4:3.3.2-5
+         NOTE: not fixed in testing at time of DSA
+ [21 Apr 2005] DSA-701-2 samba - integer overflows
+         NOTE: only a bug in the backported fix to stable, testing is ok
+ [21 Apr 2005] DSA-713-1 junkbuster - several
+         {CAN-2005-1108 CAN-2005-1109}
+         NOTE: package not in testing/unstable
+ [19 Apr 2005] DSA-712-1 geneweb - insecure file operations
+         {CAN-2005-0391}
+         - geneweb 4.10-7
+         NOTE: fixed in testing at time of DSA
+ [19 Apr 2005] DSA-711-1 info2www - missing input sanitising
+         {CAN-2004-1341}
+         - info2www 1.2.2.9-23
+         NOTE: fixed in testing at time of DSA
+ [18 Apr 2005] DSA-710-1 gtkhtml - null pointer dereference
+         {CAN-2003-0541}
+         - gtkhtml 1.0.4-6.2
+         NOTE: fixed in testing at time of DSA
+ [15 Apr 2005] DSA-709-1 libexif - buffer overflow
+         {CAN-2005-0664}
+         - libexif 0.6.9-5
+ [15 Apr 2005] DSA-708-1 php3 - missing input sanitising
+         {CAN-2005-0525}
+         - php3 3.0.18-31
+ [13 Apr 2005] DSA-707-1 mysql - several
+         {CAN-2004-0957 CAN-2005-0709 CAN-2005-0710 CAN-2005-0711}
+         - mysql-dfsg 4.0.24-5
+         - mysql-dfsg-4.1 4.1.10a-6
+         NOTE: not fixed in testing at time of DSA
+ [13 Apr 2005] DSA-706-1 axel - buffer overflow
+         {CAN-2005-0390}
+         - axel 1.0b-1
+         NOTE: fixed in testing at time of DSA
+ [04 Apr 2005] DSA-705-1 wu-ftpd - missing input sanitising
+         {CAN-2005-0256 CAN-2003-0854}
+         - wu-ftpd 2.6.2-19
+ [04 Apr 2005] DSA-704-1 remstats - tempfile, missing input sanitising
+         {CAN-2005-0387 CAN-2005-0388}
+         - remstats 1.0.13a-5
+         NOTE: not fixed in testing at time of DSA
+ [01 Apr 2005] DSA-703-1 krb5 - buffer overflows
+         {CAN-2005-0468 CAN-2005-0469}
+         - krb5 1.3.6-1
+ [01 Apr 2005] DSA-702-1 imagemagick - several
+         {CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0762}
+         - imagemagick 6.0.6.2-2.2
+ [31 Mar 2005] DSA-701-1 samba - integer overflows
+         {CAN-2004-1154}
+         - samba 3.0.10-1
+ [30 Mar 2005] DSA-700-1 mailreader - missing input sanitising
+         {CAN-2005-0386}
+         - mailreader 2.3.29-11
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-699-1 netkit-telnet-ssl - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet-ssl 0.17.24+0.1-7.1
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-698-1 mc - buffer overflow
+         {CAN-2005-0763}
+         NOTE: Not clear which unstable/testing version fixed this,
+         NOTE: but advisory says it's fixed.
+ [29 Mar 2005] DSA-697-1 netkit-telnet - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet 0.17-28
+         NOTE: not fixed in testing at time of DSA
+ [22 Mar 2005] DSA-696-1 perl - design flaw
+         {CAN-2005-0448}
+         - perl 5.8.4-8
+         NOTE: fixed in testing at time of DSA
+ [21 Mar 2005] DSA-695-1 xli - buffer overflow, input sanitising, integer overflow
+         {CAN-2001-0775 CAN-2005-0638 CAN-2005-0639}
+         - xli 1.17.0-18
+         NOTE: not fixed in testing at time of DSA
+ [21 Mar 2005] DSA-694-1 xloadimage - missing input sanitising, integer overflow
+         {CAN-2005-0638 CAN-2005-0639}
+         - xloadimage 4.1-14.2
+         NOTE: not fixed in testing at time of DSA
+ [14 Mar 2005] DSA-693-1 luxman - buffer overflow
+         {CAN-2005-0385}
+         NOTE: not fixed in testing at time of DSA
+         NOTE: not in unstable at time of DSA though DSA claimed it was
+         - luxman 0.41-20
+ [14 Mar 2005] DSA-662-2 squirrelmail - several
+         NOTE: only an update to a prior DSA, did not affct sid/sarge.
+ [08 Mar 2005] DSA-692-1 kppp - design flaw
+         {CAN-2005-0205}
+         - kppp 4:3.1.6
+         NOTE: fixed in testing at time of DSA
+ [07 Mar 2005] DSA-691-1 abuse - several
+         {CAN-2005-0098 CAN-2005-0099}
+         NOTE: not in unstable/testing
+ [25 Feb 2005] DSA-690-1 bsmtpd - missing input sanitising
+         {CAN-2005-0107}
+         - bsmtpd 2.3pl8b-16
+         NOTE: not fixed in testing at time of DSA
+ [23 Feb 2005] DSA-689-1 libapache-mod-python - missing input sanitising
+         {CAN-2005-0088}
+         - libapache-mod-python 2.7.10-4
+         NOTE: fixed in testing at time of DSA
+         - libapache2-mod-python 3.1.3-3
+         NOTE: fixed in testing at time of DSA
+ [23 Feb 2005] DSA-688-1 squid - mising input sanitising
+         {CAN-2005-0446}
+         - squid 2.5.8-3
+         NOTE: fixed in testing at time of DSA
+ [21 Feb 2005] DSA-674-3 mailman - cross-site scripting, directory traversal
+         NOTE: only fixed bug in DSA
+ [18 Feb 2005] DSA-687-1 bidwatcher - format string
+         {CAN-2005-0158}
+         - bidwatcher 1.3.17-1
+         NOTE: not fixed in testing at time of DSA
+ [17 Feb 2005] DSA-686-1 gftp - missing input sanitising
+         {CAN-2005-0372}
+         - gftp 2.0.18-1
+         NOTE: not fixed in testing at time of DSA
+ [17 Feb 2005] DSA-685-1 emacs21 - format string
+         {CAN-2005-0100}
+         - emacs21 21.3+1-9
+         NOTE: not fixed in testing at time of DSA
+ [16 Feb 2005] DSA-684-1 typespeed - format string
+         {CAN-2005-0105}
+         - typespeed 0.4.4-8
+         NOTE: not fixed in testing at time of DSA
+ [15 Feb 2005] DSA-683-1 postgresql - buffer overflows
+         {CAN-2005-0245 CAN-2005-0247}
+         - postgresql 7.4.7-2
+         NOTE: fixed in testing at time of DSA
+ [15 Feb 2005] DSA-682-1 awstats - missing input sanitising
+         {CAN-2005-0363}
+         - awstats 6.2-1.2
+         NOTE: not fixed in testing at time of DSA
+ [14 Feb 2005] DSA-681-1 synaesthesia - privilege escalation
+         {CAN-2005-0070}
+         NOTE: does not apply for sarge, program is not setuid anymore
+ [14 Feb 2005] DSA-680-1 htdig - unsanitised input
+         {CAN-2005-0085}
+         - htdig 3.1.6-11
+         NOTE: fixed in testing at time of DSA
+ [14 Feb 2005] DSA-679-1 toolchain-source - insecure temporary files
+         {CAN-2005-0159}
+         - toolchain-source 3.4-5
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-678-1 netkit-rwho - missing input validation
+         {CAN-2004-1180}
+         - netkit-rwho 0.17-8
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-677-1 sympa - buffer overflow
+         {CAN-2005-0073}
+         - sympa 4.1.2-2.1
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-676-1 xpcd - buffer overflow
+         {CAN-2005-0074}
+         - xpcd 2.08-11.1
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-674-2 mailman - cross-site scripting, directory traversal
+         NOTE: only fixed bug in DSA
+ [10 Feb 2005] DSA-675-1 hztty - privilege escalation
+         {CAN-2005-0019}
+         - hztty 2.0-6.1
+         NOTE: not fixed in testing at time of DSA
+ [10 Feb 2005] DSA-674-1 mailman - cross-site scripting, directory traversal
+         {CAN-2004-1177}
+         - mailman 2.1.5-5
+         NOTE: fixed in testing at time of DSA
+         {CAN-2005-0202}
+         - mailman 2.1.5-6
+         NOTE: not fixed in testing at time of DSA
+ [10 Feb 2005] DSA-673-1 evolution - integer overflow
+         {CAN-2005-0102}
+         - evolution 2.0.3-1.2
+         NOTE: fixed in testing at time of DSA
+ [09 Feb 2005] DSA-672-1 xview - buffer overflows
+         {CAN-2005-0076}
+         - xview 3.2p1.4-19
+         NOTE: not fixed in testing at time of DSA
+ [08 Feb 2005] DSA-671-1 xemacs21 - format string
+         {CAN-2005-0100}
+         NOTE: not fixed in testing at time of DSA
+         - xemacs21 21.4.16-2
+ [08 Feb 2005] DSA-670-1 emacs20 - format string
+         {CAN-2005-0100}
+         NOTE: also affects emacs21 in unstable, fixed
+ [04 Feb 2005] DSA-689-1 php3 - several
+         {CAN-2004-0594 CAN-2004-0595}
+         - php3 3.0.18-27
+         NOTE: fixed in testing at time of DSA
+ [04 Feb 2005] DSA-668-1 postgresql - privilege escalation
+         {CAN-2005-0227}
+         - postgresql 7.4.7-1
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-667-1 squid - several
+         {CAN-2005-0173 CAN-2005-0175 CAN-2005-0194 CAN-2005-0211}
+         - squid 2.5.7-7
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-666-1 python2.2 - design flaw
+         {CAN-2005-0089}
+         - python2.2 2.2.3-14
+         - python2.3 2.3.4-20
+         - python2.4 2.4-5
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-665-1 ncpfs - missing privilege release
+         {CAN-2005-0013}
+         - ncpfs 2.2.6-1
+         NOTE: not fixed in testing at time of DSA
+ [02 Feb 2005] DSA-664-1 cpio - broken file permissions
+         {CAN-1999-1572}
+         - cpio 2.5-1.2
+         NOTE: not fixed in testing at time of DSA
+ [02 Feb 2005] DSA-663-1 prozilla - buffer overflows
+         {CAN-2004-1120}
+         - prozilla 1.3.7.3-1
+         NOTE: fixed in testing at time of DSA
+ [01 Feb 2005] DSA-662-1 squirrelmail - several
+         {CAN-2005-0104 CAN-2005-0152}
+         NOTE: CAN-2005-0152 only exists in 1.2.6 version
+         - squirrelmail 1.4.4
+         NOTE: fixed in testing at time of DSA
+ [20 Apr 2005] DSA-661-2 f2c - insecure temporary files
+         {CAN-2005-0017 CAN-2005-0018}
+         - f2c 20020621-3.3
+         NOTE: not fixed in testing at time of DSA
+ [26 Jan 2005] DSA-660-1 kdebase - missing return value check
+         {CAN-2005-0078}
+         - kdebase 4:3.0.5
+         NOTE: fixed in testing at time of DSA
+ [26 Jan 2005] DSA-659-1 libpam-radius-auth - information leak, integer underflow
+         {CAN-2004-1340 CAN-2005-0108}
+         - libpam-radius-auth 1.3.16-3
+         NOTE: 1/2 fixed in testing at time of DSA
+ [25 Jan 2005] DSA-658-1 libdbi-perl - insecure temporary file
+         {CAN-2005-0077}
+         - libdbi-perl 1.46-6
+         NOTE: not fixed in testing at time of DSA
+ [25 Jan 2005] DSA-657-1 xine-lib - buffer overflow
+         {CAN-2004-1379}
+         - xine-lib 1-rc6a-1
+         NOTE: fixed in testing at time of DSA
+ [25 Jan 2005] DSA-656-1 vdr - insecure file access
+         {CAN-2005-0071}
+         - vdr 1.2.6-6
+         NOTE: not fixed in testing at time of DSA
+ [25 Jan 2005] DSA-655-1 zhcon - missing privilege release
+         {CAN-2005-0072}
+         - zhcon 1:0.2.3-8.1
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-654-1 enscript - several
+         {CAN-2004-1184 CAN-2004-1185 CAN-2004-1186}
+         - enscript 1.6.4-6
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-653-1 ethereal - buffer overflow
+         {CAN-2005-0084}
+         - ethereal 0.10.9-1
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-652-1 unarj
+         {CAN-2004-0947 CAN-2004-1027}
+         NOTE: not-for-us (unarj)
+ [20 Jan 2005] DSA-651-1 squid - buffer overflow, integer overflow
+         {CAN-2005-0094 CAN-2005-0095}
+         - squid 2.5.7-4
+         NOTE: not fixed in testing at time of DSA
+ [20 Jan 2005] DSA-650-1 sword - missing input sanitising
+         {CAN-2005-0015}
+         - sword 1.5.7-7
+         NOTE: not fixed in testing at time of DSA
+ [20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
+         {CAN-2005-0079}
+         - xtrlock 2.0-9
+         NOTE: fixed in testing at time of DSA
+ [19 Jan 2005] DSA-648-1 xpdf - buffer overflow
+         {CAN-2005-0064}
+         - xpdf 3.00-12
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-647-1 mysql - insecure temporary files
+         {CAN-2005-0004}
+         - mysql-dfsg 4.0.23-3
+         - mysql-dfsg-4.1 4.1.8a-6
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-646-1 imagemagick - buffer overflow
+         {CAN-2005-0005}
+         - imagemagick 6.0.6.2-2
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-645-1 cupsys - buffer overflow
+         {CAN-2005-0064}
+         NOTE: cupsys not affected in sarge, though other programs are vulnerable
+         NOTE: see CAN/list
+         NOTE: not fixed in testing at time of DSA
+ [18 Jan 2005] DSA-644-1 chbg - buffer overflow
+         {CAN-2004-1264}
+         - chbg 1.5-4
+         NOTE: fixed in testing at time of DSA
+ [18 Jan 2005] DSA-643-1 queue - buffer overflows
+         {CAN-2004-0555}
+         - queue 1.30.1-5
+         NOTE: not fixed in testing at time of DSA
+ [17 Jan 2005] DSA-642-1 gallery - several
+         {CAN-2004-1106}
+         - gallery 1.4.4-pl4-1
+         NOTE: fixed in testing at time of DSA
+ [17 Jan 2005] DSA-641-1 playmidi - buffer overflow
+         {CAN-2005-0020}
+         - playmidi 2.4debian-3
+         NOTE: not fixed in testing at time of DSA
+ [17 Jan 2005] DSA-640-1 gatos - buffer overflow
+         {CAN-2005-0016}
+         - gatos 0.0.5-15
+         NOTE: not fixed in testing at time of DSA
+ [14 Jan 2005] DSA-639-1 mc - several
+         {CAN-2004-1004 CAN-2004-1005 CAN-2004-1009 CAN-2004-1090 CAN-2004-1091 CAN-2004-1092 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2004-1176}
+         NOTE: unstable not vulnerable according to DSA
+         NOTE: DSA was wrong..
+         - mc 1:4.6.0-4.6.1-pre3-1
+         NOTE: not fixed in testing at time of DSA
+ [13 Jan 2005] DSA-638-1 gopher - several
+         {CAN-2004-0560 CAN-2004-0561}
+         NOTE: not in sarge
+ [13 Jan 2005] DSA-637-1 exim-tls - buffer overflow
+         {CAN-2005-0021}
+         NOTE: not in sarge
+ [12 Jan 2005] DSA-636-1 glibc - insecure temporary files
+         {CAN-2004-0968}
+         - glibc 2.3.2.ds1-20
+         NOTE: fixed in testing at time of DSA
+ [12 Jan 2005] DSA-635-1 exim - buffer overflow
+         {CAN-2005-0021}
+         - exim4 4.34-10
+         NOTE: fixed in testing at time of DSA
+         - exim 3.36-13
+         NOTE: not fixed in testing at time of DSA
+ [11 Jan 2005] DSA-634-1 hylafax - weak hostname and username validation
+         {CAN-2004-1182}
+         - hylafax 4.2.1-1
+         NOTE: fixed in testing at time of DSA
+ [11 Jan 2005] DSA-633-1 bmv - insecure temporary file
+         {CAN-2003-0014}
+         - bmv 1.2-17
+         NOTE: fixed in testing at time of DSA
+ [10 Jan 2005] DSA-632-1 linpopup - buffer overflow
+         {CAN-2004-1282}
+         - linpopup 1.2.0-7
+         NOTE: fixed in testing at time of DSA
+ [10 Jan 2005] DSA-631-1 kdelibs - unsanitised input
+         {CAN-2004-1165}
+         - kdelibs 4:3.3.2-1
+         NOTE: not fixed in testing at time of DSA
+ [10 Jan 2005] DSA-630-1 lintian - insecure temporary directory
+         {CAN-2004-1000}
+         - lintian 1.23.6
+         NOTE: not fixed in testing at time of DSA
+ [07 Jan 2005] DSA-629-1 krb5 - buffer overflow
+         {CAN-2004-1189}
+         - krb5 1.3.6-1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-628-1 imlib2 - integer overflows
+         {CAN-2004-1026}
+         - imlib2 1.1.2-2.1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-627-1 namazu2 - unsanitised input
+         {CAN-2004-1318}
+         - namazu2 2.0.14-1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-626-1 tiff - unsanitised input
+         {CAN-2004-1183}
+         - libtiff4 3.6.1-5
+         NOTE: not fixed in testing at time of DSA
+ [05 Jan 2005] DSA-625-1 pcal - buffer overflows
+         {CAN-2004-1289}
+         - pcal 4.8.0-1
+         NOTE: not fixed in testing at time of DSA
+ [05 Jan 2005] DSA-624-1 zip - buffer overflow
+         {CAN-2004-1010}
+         - zip 2.30-8
+         NOTE: fixed in testing at time of DSA
+ [04 Jan 2005] DSA-623-1 nasm - buffer overflow
+         {CAN-2004-1287}
+         - nasm 0.98.38-1.1
+ [03 Jan 2005] DSA-622-1 htmlheadline - insecure temporary files
+         {CAN-2004-1181}
+         NOTE: not in unstable
  [31 Dec 2004] DSA-621-1 cupsys - buffer overflow
          {CAN-2004-1125}
          - cupsys 1.1.22-2
-Line 43
+Line 630
          - atari800 1.3.2-1
  [14 Dec 2004] DSA-608-1 zgv - integer overflows, unsanitised input
          {CAN-2004-1095 CAN-2004-0999}
-         - zgv (unfixed; no bug or other info yet for reserved CAN-2004-0999)
+         - zgv 5.7-1.3
+         NOTE: changelog says he only patched 1095, but diff comparison
+         NOTE: shows 0999 was also fixed.
  [10 Dec 2004] DSA-607-1 xfree86 - several
          {CAN-2004-0914}
          - xfree86 4.3.0.dfsg.1-9
  [08 Dec 2004] DSA-606-1 nfs-utils - wrong signal handler
          {CAN-2004-1014}
-         - nfs-utils (unfixed; bug #284971)
+         - nfs-utils 1:1.0.6-3.1
  [06 Dec 2004] DSA-605-1 viewcvs - settings not honored
          {CAN-2004-0915}
          - viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.2
-Line 58
+Line 647
          - hpsockd 0.14
  [01 Dec 2004] DSA-603-1 openssl - insecure temporary file
          {CAN-2004-0975}
-         - openssl 0.9.7e-1
+         - openssl 0.9.7e-3
  [29 Nov 2004] DSA-602-1 libgd2 - integer overlow
          {CAN-2004-0941 CAN-2004-0990}
          NOTE: different from fixes from earlier DSA for these CANs; 2004-0941 new
-Line 103
+Line 692
          - gnats 4.0-6.1
  [09 Nov 2004] DSA-589-1 libgd - integer overflows
          {CAN-2004-0990}
-         - libgd1 (unfixed; bug #280134)
+         - libgd1 1.8.4-36.1
  [08 Nov 2004] DSA-588-1 gzip - insecure temporary files
          {CAN-2004-0970}
          NOTE: dsa says sid not affected
-Line 155
+Line 744
          - cupsys 1.1.20final+rc1-10
          {CAN-2004-0889}
          - xpdf 3.00-10
-         TODO: kpdf and kfax not fixed in sarge, bug #278173 has a backported patch for the kpdf hole
+         NOTE: kpdf and kfax are fixed in sarge, bug #278173 and #280373 for reference
          - kpdf 4:3.3.1-1
          - gpdf 2.8.0-1
          - kfax 4:3.3.1-1
-Line 241
+Line 830
  [16 Sep 2004] DSA-548-1 imlib - unsanitised input
          {CAN-2004-0817}
          - imlib 1.9.14-17
-         NOTE: changelog claims it was fixed, but it apparently was not
+         - imlib+png2 1.9.14-16.2
-         - imlib+png2 (unfixed; bug #285025)
  [16 Sep 2004] DSA-547-1 imagemagic - buffer overflows
          {CAN-2004-0827}
          - imagemagic 6.0.6.2-1
-Line 361
+Line 949
          {CAN-2004-0522}
          - gallery 1.4.3-pl2-1
  [30 May 2004] DSA-511 ethereal - buffer overflows
-         {CAN-2004-0176
+         {CAN-2004-0176}
          - ethereal 0.10.3-1
  [29 May 2004] DSA-510 jftpgw - format string
          {CAN-2004-0448}

 Legend:



Removed from v.221
 


changed lines


 
Added in v.1434
 Legend:



Removed from v.221
 


changed lines


 
Added in v.1434
-Removed from v.221
+Added in v.1434

	ViewVC Help
Powered by ViewVC 1.1.5