/[secure-testing]/data/DSA/list

Diff of /data/DSA/list

Parent Directory | Revision Log | View Patch Patch

-sarge-checks/DSA/list
revision 84 by joeyh,
Fri Nov  5 21:17:54 2004 UTC
+data/DSA/list
revision 1446 by jmm-guest,
Thu Jul 21 07:13:42 2005 UTC
 Line 1
+ [21 Jul 2005] DSA-764-1 cacti - several
+         {CAN-2005-1524 CAN-2005-1525 CAN-2005-1526 CAN-2005-2148 CAN-2005-2149}
+         - cacti 0.8.6f-1 (high)
+         NOTE: fixed in testing at time of DSA
+         NOTE: DSA information is incorrect, sid fix is 6f, not 6e
+ [20 Jul 2005] DSA-763-1 zlib - buffer overflow
+         {CAN-2005-1849}
+         - zlib 1.2.3-1 (medium)
+         NOTE: not fixed in testing at time of DSA (only 1/2 days old, not built on s390)
+ [19 Jul 2005] DSA-762-1 affix - several
+         {CAN-2005-2250 CAN-2005-2277}
+         - affix 2.1.2-2 (medium)
+         NOTE: not fixed in testing at time of DSA (only 2/2 days old)
+ [19 Jul 2005] DSA-761-1 heartbeat - insecure temporary files
+         {CAN-2005-2231}
+         - heartbeat 1.2.3-12 (medium)
+         NOTE: not fixed in testing at time of DSA (only 0/2 days old)
+ [18 Jul 2005] DSA-760-1 ekg - several
+         {CAN-2005-1850 CAN-2005-1851 CAN-2005-1916}
+         - ekg 1.5+20050712+1.6rc2-1 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies, not built on five archs)
+ [18 Jul 2005] DSA-759-1 phppgadmin - missing input sanitising
+         {CAN-2005-2256}
+         - phppgadmin 3.5.4-1 (medium)
+         NOTE: not fixed in testing at time of DSA (only 0/10 days old)
+ [18 Jul 2005] DSA-758-1 heimdal - buffer overflow
+         {CAN-2005-2040}
+         - heimdal 0.6.3-11 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [17 Jul 2005] DSA-757-1 krb5 - buffer overflow, double-free memory
+         {CAN-2005-1689 CAN-2005-1174 CAN-2005-1175}
+         - krb5 1.3.6-4 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies, not built on m68k)
+ [14 Jul 2005] DSA-746-1 phpgroupware - remote command execution
+         {CAN-2005-1921}
+         - phpgroupware 0.9.16.006-1 (high)
+         NOTE: fixed in testing at time of DSA
+ [13 Jul 2005] DSA-756-1 squirrelmail - several
+         {CAN-2005-1769 CAN-2005-2095}
+         - squirrelmail 2:1.4.4-6 (medium)
+         NOTE: not fixed in testing at time of DSA (only 0/2 days old)
+ [13 Jul 2005] DSA-755-1 tiff - buffer overflow
+         {CAN-2005-1544}
+         - tiff 3.7.2-3 (medium)
+         NOTE: fixed in testing at time of DSA
+ [13 Jul 2005] DSA-754-1 centericq - insecure temporary file
+         {CAN-2005-1914}
+         - centericq 4.20.0-7 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [12 Jul 2005] DSA-753-1 gedit - format string
+         {CAN-2005-1686}
+         - gedit 2.10.3-1 (low)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [11 Jul 2005] DSA-752-1 gzip - several
+         {CAN-2005-0988 CAN-2005-1228}
+         - gzip 1.3.5-10
+         NOTE: fixed in testing at time of DSA
+ [11 Jul 2005] DSA-751-1 squid - IP spoofind
+         {CAN-2005-1519}
+         - squid 2.5.9-9
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-748-1 ruby1.8 - bad default value
+         {CAN-2005-1992}
+         - ruby1.8 1.8.2-8 (medium)
+         NOTE: not fixed in testing at time of DSA (waiting on dependencies)
+ [11 Jul 2005] DSA-750-1 dhcpcd - out-of-bound memory access
+         {CAN-2005-1848}
+         - dhcpcd 1.3.22pl4-22
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-749-1 ettercap - format string error
+         {CAN-2005-1796}
+         - ettercap 0.7.3-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [10 Jul 2005] DSA-747-1 egroupware - input validation error
+         {CAN-2005-1921}
+         - egroupware 1.0.0.007-3.dfsg-1 (high)
+         NOTE: not fixed in testing at time of DSA (only 1/2 days old)
+ [10 Jul 2005] DSA-745-1 drupal - arbitrary command execution
+         {CAN-2005-1921 CAN-2005-2106 CAN-2005-2116}
+         - drupal 4.5.4-1 (high)
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-744-1 fuse - programming error
+         {CAN-2005-1858}
+         - fuse 2.3.0-1
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-743-1 ht - buffer overflows, integer overflows
+         {CAN-2005-1545 CAN-2005-1546}
+         - ht 0.8.0-3
+         NOTE: fixed in testing at time of DSA
+ [09 Jul 2005] DSA-742-1 cvs - buffer overflow
+         {CAN-2005-0753}
+         - cvs 1:1.12.9-13 (high)
+         NOTE: fixed in testing at time of DSA
+ [07 Jul 2005] DSA-741-1 bzip2 - infinite loop
+         {CAN-2005-1260}
+         - bzip2 1.0.2-7 (low)
+         NOTE: fixed in testing at time of DSA
+ [06 Jul 2005] DSA-740-1 zlib - buffer overflow
+         {CAN-2005-2096}
+         - zlib 1.2.2-7 (medium)
+         NOTE: anything statically linking zlib needs rebuild
+         TODO: check rest/coord with Kurt Roeckx
+         - aide (unfixed; bug #317523; medium)
+         NOTE: not fixed in testing at time of DSA (embargoed disclosure)
+ [06 Jul 2005] DSA-739-1 trac - missing input sanitising
+         {CAN-2005-2007}
+         - trac 0.8.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [19 May 2005] DSA-725-2 ppxp - missing privilege release
+         {CAN-2005-0392}
+         - ppxp 0.2001080415-11
+         NOTE: fixed in testing at time of DSA
+ [05 Jul 2005] DSA-738-1 razor - email header parsing error
+         {CAN-2005-2024}
+         - razor 2.720-1 (low)
+         NOTE: not fixed in testing at time of DSA (not built on arm)
+ [05 Jul 2005] DSA-737-1 clamav - various DOS vulnerabilities
+         {CAN-2005-1922 CAN-2005-1923 CAN-2005-2056 CAN-2005-2070}
+         - clamav 0.86.1-1 (medium)
+         NOTE: not fixed in testing at time of DSA (uploaded with low urgency only, one fix missing for sid)
+ [05 Jul 2005] DSA-734-1 gaim - denial of service
+         {CAN-2005-1269 CAN-2005-1934}
+         - gaim 1.3.1-1
+         NOTE: not fixed in testing at time of DSA (not built on sparc)
+ [01 Jul 2005] DSA-736-2 spamassassin - mail header parsing error
+         {CAN-2005-1266}
+         - spamassassin 3.0.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-736-1 spamassassin - mail header parsing error
+         {CAN-2005-1266}
+         - spamassassin 3.0.4-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [08 Jul 2005] DSA-735-2 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-735-2 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: fixed in testing at time of DSA
+ [01 Jul 2005] DSA-735-1 sudo - pathname validation race
+         {CAN-2005-1993}
+         - sudo 1.6.8p9-1 (medium)
+         NOTE: not fixed in testing at time of DSA
+ [30 Jun 2005] DSA-733-1 crip - insecure temporary files
+         {CAN-2005-0393}
+         - crip 3.5-1sarge2 (low)
+         NOTE: not fixed in testing at time of DSA (reserved)
+ [03 Jun 2005] DSA-732-1 mailutils - several
+         {CAN-2005-1520 CAN-2005-1521 CAN-2005-1522 CAN-2005-1523}
+         - mailutils 0.6.1-4
+         NOTE: fixed in testing at time of DSA
+ [02 Jun 2005] DSA-731-1 krb4 - buffer overflows
+         {CAN-2005-0468 CAN-2005-0468}
+         - krb4 1.2.2-11.2
+         NOTE: fixed in testing at time of DSA
+ [27 May 2005] DSA-730-1 bzip2 - race condition
+         {CAN-2005-0953}
+         - bzip2 1.0.2-6
+         NOTE: fixed in testing at time of DSA
+ [26 May 2005] DSA-729-1 php4 - missing input sanitising
+         {CAN-2005-0525}
+         - php4 4.3.10-10
+         NOTE: fixed in testing at time of DSA
+ [25 May 2005] DSA-728-1 qpopper - missing privilege release
+         {CAN-2005-1151 CAN-2005-1152}
+         - qpopper 4.0.5-4sarge1
+         NOTE: fixed in testing at time of DSA by security team
+ [20 May 2005] DSA-727-1 libconvert-uulib-perl - buffer overflow
+         {CAN-2005-1349}
+         - libconvert-uulib-perl 1.0.5.1-1
+         NOTE: fixed in testing at time of DSA
+ [20 May 2005] DSA-726-1 oops - format string vulnerability
+         {CAN-2005-1121}
+         - oops (unfixed; bug #307360)
+         NOTE: not in testing at time of DSA
+ [19 May 2005] DSA-725-1 ppxp - missing privilege release
+         {CAN-2005-0392}
+         - ppxp 0.2001080415-11
+         NOTE: not fixed in testing at time of DSA
+ [18 May 2005] DSA-724-1 phpsysinfo - design flaw
+         {CAN-2005-0870}
+         - phpsysinfo 2.3-3
+         NOTE: fixed in testing at time of DSA
+ [09 May 2005] DSA-723-1 xfree86 - buffer overflow
+         {CAN-2005-0605}
+         - xfree86 4.3.0.dfsg.1-13
+         NOTE: not fixed in testing at time of DSA
+ [09 May 2005] DSA-722-1 smail - buffer overflow
+         {CAN-2005-0892}
+         NOTE: Package not in testing at time of DSA
+ [06 May 2005] DSA-721-1 squid - design flaw
+         {CAN-2005-1345}
+         - squid 2.5.9-7
+         NOTE: not fixed in testing at time of DSA
+ [03 May 2005] DSA-720-1 smartlist - wrong input processing
+         {CAN-2005-0157}
+         - smartlist 3.15-18
+         NOTE: fixed in testing at time of DSA
+ [28 Apr 2005] DSA-719-1 prozilla - format string problems
+         {CAN-2005-0523}
+         - prozilla 1:1.3.7.4-1
+         NOTE: fixed in testing at time of DSA
+ [28 Apr 2005] DSA-718-1 ethereal - buffer overflow
+         {CAN-2005-0739}
+         - ethereal 0.10.10-1
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-717-1 lsh-utils - buffer overflow, typo
+         {CAN-2003-0826 CAN-2005-0814}
+         - lsh-utils 2.0.1-2
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-716-1 gaim - denial of service
+         {CAN-2005-0472}
+         - gaim 1.1.3-1
+         NOTE: fixed in testing at time of DSA
+ [27 Apr 2005] DSA-715-1 cvs - several
+         {CAN-2004-1342 CAN-2004-1343}
+         - cvs 1.12.9-12
+         NOTE: not fixed in testing at time of DSA
+ [26 Apr 2005] DSA-714-1 kdelibs - several
+         {CAN-2005-1046}
+         - kdelibs 4:3.3.2-5
+         NOTE: not fixed in testing at time of DSA
+ [21 Apr 2005] DSA-701-2 samba - integer overflows
+         NOTE: only a bug in the backported fix to stable, testing is ok
+ [21 Apr 2005] DSA-713-1 junkbuster - several
+         {CAN-2005-1108 CAN-2005-1109}
+         NOTE: package not in testing/unstable
+ [19 Apr 2005] DSA-712-1 geneweb - insecure file operations
+         {CAN-2005-0391}
+         - geneweb 4.10-7
+         NOTE: fixed in testing at time of DSA
+ [19 Apr 2005] DSA-711-1 info2www - missing input sanitising
+         {CAN-2004-1341}
+         - info2www 1.2.2.9-23
+         NOTE: fixed in testing at time of DSA
+ [18 Apr 2005] DSA-710-1 gtkhtml - null pointer dereference
+         {CAN-2003-0541}
+         - gtkhtml 1.0.4-6.2
+         NOTE: fixed in testing at time of DSA
+ [15 Apr 2005] DSA-709-1 libexif - buffer overflow
+         {CAN-2005-0664}
+         - libexif 0.6.9-5
+ [15 Apr 2005] DSA-708-1 php3 - missing input sanitising
+         {CAN-2005-0525}
+         - php3 3.0.18-31
+ [13 Apr 2005] DSA-707-1 mysql - several
+         {CAN-2004-0957 CAN-2005-0709 CAN-2005-0710 CAN-2005-0711}
+         - mysql-dfsg 4.0.24-5
+         - mysql-dfsg-4.1 4.1.10a-6
+         NOTE: not fixed in testing at time of DSA
+ [13 Apr 2005] DSA-706-1 axel - buffer overflow
+         {CAN-2005-0390}
+         - axel 1.0b-1
+         NOTE: fixed in testing at time of DSA
+ [04 Apr 2005] DSA-705-1 wu-ftpd - missing input sanitising
+         {CAN-2005-0256 CAN-2003-0854}
+         - wu-ftpd 2.6.2-19
+ [04 Apr 2005] DSA-704-1 remstats - tempfile, missing input sanitising
+         {CAN-2005-0387 CAN-2005-0388}
+         - remstats 1.0.13a-5
+         NOTE: not fixed in testing at time of DSA
+ [01 Apr 2005] DSA-703-1 krb5 - buffer overflows
+         {CAN-2005-0468 CAN-2005-0469}
+         - krb5 1.3.6-1
+ [01 Apr 2005] DSA-702-1 imagemagick - several
+         {CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0762}
+         - imagemagick 6.0.6.2-2.2
+ [31 Mar 2005] DSA-701-1 samba - integer overflows
+         {CAN-2004-1154}
+         - samba 3.0.10-1
+ [30 Mar 2005] DSA-700-1 mailreader - missing input sanitising
+         {CAN-2005-0386}
+         - mailreader 2.3.29-11
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-699-1 netkit-telnet-ssl - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet-ssl 0.17.24+0.1-7.1
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-698-1 mc - buffer overflow
+         {CAN-2005-0763}
+         NOTE: Not clear which unstable/testing version fixed this,
+         NOTE: but advisory says it's fixed.
+ [29 Mar 2005] DSA-697-1 netkit-telnet - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet 0.17-28
+         NOTE: not fixed in testing at time of DSA
+ [22 Mar 2005] DSA-696-1 perl - design flaw
+         {CAN-2005-0448}
+         - perl 5.8.4-8
+         NOTE: fixed in testing at time of DSA
+ [21 Mar 2005] DSA-695-1 xli - buffer overflow, input sanitising, integer overflow
+         {CAN-2001-0775 CAN-2005-0638 CAN-2005-0639}
+         - xli 1.17.0-18
+         NOTE: not fixed in testing at time of DSA
+ [21 Mar 2005] DSA-694-1 xloadimage - missing input sanitising, integer overflow
+         {CAN-2005-0638 CAN-2005-0639}
+         - xloadimage 4.1-14.2
+         NOTE: not fixed in testing at time of DSA
+ [14 Mar 2005] DSA-693-1 luxman - buffer overflow
+         {CAN-2005-0385}
+         NOTE: not fixed in testing at time of DSA
+         NOTE: not in unstable at time of DSA though DSA claimed it was
+         - luxman 0.41-20
+ [14 Mar 2005] DSA-662-2 squirrelmail - several
+         NOTE: only an update to a prior DSA, did not affct sid/sarge.
+ [08 Mar 2005] DSA-692-1 kppp - design flaw
+         {CAN-2005-0205}
+         - kppp 4:3.1.6
+         NOTE: fixed in testing at time of DSA
+ [07 Mar 2005] DSA-691-1 abuse - several
+         {CAN-2005-0098 CAN-2005-0099}
+         NOTE: not in unstable/testing
+ [25 Feb 2005] DSA-690-1 bsmtpd - missing input sanitising
+         {CAN-2005-0107}
+         - bsmtpd 2.3pl8b-16
+         NOTE: not fixed in testing at time of DSA
+ [23 Feb 2005] DSA-689-1 libapache-mod-python - missing input sanitising
+         {CAN-2005-0088}
+         - libapache-mod-python 2.7.10-4
+         NOTE: fixed in testing at time of DSA
+         - libapache2-mod-python 3.1.3-3
+         NOTE: fixed in testing at time of DSA
+ [23 Feb 2005] DSA-688-1 squid - mising input sanitising
+         {CAN-2005-0446}
+         - squid 2.5.8-3
+         NOTE: fixed in testing at time of DSA
+ [21 Feb 2005] DSA-674-3 mailman - cross-site scripting, directory traversal
+         NOTE: only fixed bug in DSA
+ [18 Feb 2005] DSA-687-1 bidwatcher - format string
+         {CAN-2005-0158}
+         - bidwatcher 1.3.17-1
+         NOTE: not fixed in testing at time of DSA
+ [17 Feb 2005] DSA-686-1 gftp - missing input sanitising
+         {CAN-2005-0372}
+         - gftp 2.0.18-1
+         NOTE: not fixed in testing at time of DSA
+ [17 Feb 2005] DSA-685-1 emacs21 - format string
+         {CAN-2005-0100}
+         - emacs21 21.3+1-9
+         NOTE: not fixed in testing at time of DSA
+ [16 Feb 2005] DSA-684-1 typespeed - format string
+         {CAN-2005-0105}
+         - typespeed 0.4.4-8
+         NOTE: not fixed in testing at time of DSA
+ [15 Feb 2005] DSA-683-1 postgresql - buffer overflows
+         {CAN-2005-0245 CAN-2005-0247}
+         - postgresql 7.4.7-2
+         NOTE: fixed in testing at time of DSA
+ [15 Feb 2005] DSA-682-1 awstats - missing input sanitising
+         {CAN-2005-0363}
+         - awstats 6.2-1.2
+         NOTE: not fixed in testing at time of DSA
+ [14 Feb 2005] DSA-681-1 synaesthesia - privilege escalation
+         {CAN-2005-0070}
+         NOTE: does not apply for sarge, program is not setuid anymore
+ [14 Feb 2005] DSA-680-1 htdig - unsanitised input
+         {CAN-2005-0085}
+         - htdig 3.1.6-11
+         NOTE: fixed in testing at time of DSA
+ [14 Feb 2005] DSA-679-1 toolchain-source - insecure temporary files
+         {CAN-2005-0159}
+         - toolchain-source 3.4-5
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-678-1 netkit-rwho - missing input validation
+         {CAN-2004-1180}
+         - netkit-rwho 0.17-8
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-677-1 sympa - buffer overflow
+         {CAN-2005-0073}
+         - sympa 4.1.2-2.1
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-676-1 xpcd - buffer overflow
+         {CAN-2005-0074}
+         - xpcd 2.08-11.1
+         NOTE: not fixed in testing at time of DSA
+ [11 Feb 2005] DSA-674-2 mailman - cross-site scripting, directory traversal
+         NOTE: only fixed bug in DSA
+ [10 Feb 2005] DSA-675-1 hztty - privilege escalation
+         {CAN-2005-0019}
+         - hztty 2.0-6.1
+         NOTE: not fixed in testing at time of DSA
+ [10 Feb 2005] DSA-674-1 mailman - cross-site scripting, directory traversal
+         {CAN-2004-1177}
+         - mailman 2.1.5-5
+         NOTE: fixed in testing at time of DSA
+         {CAN-2005-0202}
+         - mailman 2.1.5-6
+         NOTE: not fixed in testing at time of DSA
+ [10 Feb 2005] DSA-673-1 evolution - integer overflow
+         {CAN-2005-0102}
+         - evolution 2.0.3-1.2
+         NOTE: fixed in testing at time of DSA
+ [09 Feb 2005] DSA-672-1 xview - buffer overflows
+         {CAN-2005-0076}
+         - xview 3.2p1.4-19
+         NOTE: not fixed in testing at time of DSA
+ [08 Feb 2005] DSA-671-1 xemacs21 - format string
+         {CAN-2005-0100}
+         NOTE: not fixed in testing at time of DSA
+         - xemacs21 21.4.16-2
+ [08 Feb 2005] DSA-670-1 emacs20 - format string
+         {CAN-2005-0100}
+         NOTE: also affects emacs21 in unstable, fixed
+ [04 Feb 2005] DSA-689-1 php3 - several
+         {CAN-2004-0594 CAN-2004-0595}
+         - php3 3.0.18-27
+         NOTE: fixed in testing at time of DSA
+ [04 Feb 2005] DSA-668-1 postgresql - privilege escalation
+         {CAN-2005-0227}
+         - postgresql 7.4.7-1
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-667-1 squid - several
+         {CAN-2005-0173 CAN-2005-0175 CAN-2005-0194 CAN-2005-0211}
+         - squid 2.5.7-7
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-666-1 python2.2 - design flaw
+         {CAN-2005-0089}
+         - python2.2 2.2.3-14
+         - python2.3 2.3.4-20
+         - python2.4 2.4-5
+         NOTE: not fixed in testing at time of DSA
+ [04 Feb 2005] DSA-665-1 ncpfs - missing privilege release
+         {CAN-2005-0013}
+         - ncpfs 2.2.6-1
+         NOTE: not fixed in testing at time of DSA
+ [02 Feb 2005] DSA-664-1 cpio - broken file permissions
+         {CAN-1999-1572}
+         - cpio 2.5-1.2
+         NOTE: not fixed in testing at time of DSA
+ [02 Feb 2005] DSA-663-1 prozilla - buffer overflows
+         {CAN-2004-1120}
+         - prozilla 1.3.7.3-1
+         NOTE: fixed in testing at time of DSA
+ [01 Feb 2005] DSA-662-1 squirrelmail - several
+         {CAN-2005-0104 CAN-2005-0152}
+         NOTE: CAN-2005-0152 only exists in 1.2.6 version
+         - squirrelmail 1.4.4
+         NOTE: fixed in testing at time of DSA
+ [20 Apr 2005] DSA-661-2 f2c - insecure temporary files
+         {CAN-2005-0017 CAN-2005-0018}
+         - f2c 20020621-3.3
+         NOTE: not fixed in testing at time of DSA
+ [26 Jan 2005] DSA-660-1 kdebase - missing return value check
+         {CAN-2005-0078}
+         - kdebase 4:3.0.5
+         NOTE: fixed in testing at time of DSA
+ [26 Jan 2005] DSA-659-1 libpam-radius-auth - information leak, integer underflow
+         {CAN-2004-1340 CAN-2005-0108}
+         - libpam-radius-auth 1.3.16-3
+         NOTE: 1/2 fixed in testing at time of DSA
+ [25 Jan 2005] DSA-658-1 libdbi-perl - insecure temporary file
+         {CAN-2005-0077}
+         - libdbi-perl 1.46-6
+         NOTE: not fixed in testing at time of DSA
+ [25 Jan 2005] DSA-657-1 xine-lib - buffer overflow
+         {CAN-2004-1379}
+         - xine-lib 1-rc6a-1
+         NOTE: fixed in testing at time of DSA
+ [25 Jan 2005] DSA-656-1 vdr - insecure file access
+         {CAN-2005-0071}
+         - vdr 1.2.6-6
+         NOTE: not fixed in testing at time of DSA
+ [25 Jan 2005] DSA-655-1 zhcon - missing privilege release
+         {CAN-2005-0072}
+         - zhcon 1:0.2.3-8.1
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-654-1 enscript - several
+         {CAN-2004-1184 CAN-2004-1185 CAN-2004-1186}
+         - enscript 1.6.4-6
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-653-1 ethereal - buffer overflow
+         {CAN-2005-0084}
+         - ethereal 0.10.9-1
+         NOTE: not fixed in testing at time of DSA
+ [21 Jan 2005] DSA-652-1 unarj
+         {CAN-2004-0947 CAN-2004-1027}
+         NOTE: not-for-us (unarj)
+ [20 Jan 2005] DSA-651-1 squid - buffer overflow, integer overflow
+         {CAN-2005-0094 CAN-2005-0095}
+         - squid 2.5.7-4
+         NOTE: not fixed in testing at time of DSA
+ [20 Jan 2005] DSA-650-1 sword - missing input sanitising
+         {CAN-2005-0015}
+         - sword 1.5.7-7
+         NOTE: not fixed in testing at time of DSA
+ [20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
+         {CAN-2005-0079}
+         - xtrlock 2.0-9
+         NOTE: fixed in testing at time of DSA
+ [19 Jan 2005] DSA-648-1 xpdf - buffer overflow
+         {CAN-2005-0064}
+         - xpdf 3.00-12
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-647-1 mysql - insecure temporary files
+         {CAN-2005-0004}
+         - mysql-dfsg 4.0.23-3
+         - mysql-dfsg-4.1 4.1.8a-6
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-646-1 imagemagick - buffer overflow
+         {CAN-2005-0005}
+         - imagemagick 6.0.6.2-2
+         NOTE: not fixed in testing at time of DSA
+ [19 Jan 2005] DSA-645-1 cupsys - buffer overflow
+         {CAN-2005-0064}
+         NOTE: cupsys not affected in sarge, though other programs are vulnerable
+         NOTE: see CAN/list
+         NOTE: not fixed in testing at time of DSA
+ [18 Jan 2005] DSA-644-1 chbg - buffer overflow
+         {CAN-2004-1264}
+         - chbg 1.5-4
+         NOTE: fixed in testing at time of DSA
+ [18 Jan 2005] DSA-643-1 queue - buffer overflows
+         {CAN-2004-0555}
+         - queue 1.30.1-5
+         NOTE: not fixed in testing at time of DSA
+ [17 Jan 2005] DSA-642-1 gallery - several
+         {CAN-2004-1106}
+         - gallery 1.4.4-pl4-1
+         NOTE: fixed in testing at time of DSA
+ [17 Jan 2005] DSA-641-1 playmidi - buffer overflow
+         {CAN-2005-0020}
+         - playmidi 2.4debian-3
+         NOTE: not fixed in testing at time of DSA
+ [17 Jan 2005] DSA-640-1 gatos - buffer overflow
+         {CAN-2005-0016}
+         - gatos 0.0.5-15
+         NOTE: not fixed in testing at time of DSA
+ [14 Jan 2005] DSA-639-1 mc - several
+         {CAN-2004-1004 CAN-2004-1005 CAN-2004-1009 CAN-2004-1090 CAN-2004-1091 CAN-2004-1092 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2004-1176}
+         NOTE: unstable not vulnerable according to DSA
+         NOTE: DSA was wrong..
+         - mc 1:4.6.0-4.6.1-pre3-1
+         NOTE: not fixed in testing at time of DSA
+ [13 Jan 2005] DSA-638-1 gopher - several
+         {CAN-2004-0560 CAN-2004-0561}
+         NOTE: not in sarge
+ [13 Jan 2005] DSA-637-1 exim-tls - buffer overflow
+         {CAN-2005-0021}
+         NOTE: not in sarge
+ [12 Jan 2005] DSA-636-1 glibc - insecure temporary files
+         {CAN-2004-0968}
+         - glibc 2.3.2.ds1-20
+         NOTE: fixed in testing at time of DSA
+ [12 Jan 2005] DSA-635-1 exim - buffer overflow
+         {CAN-2005-0021}
+         - exim4 4.34-10
+         NOTE: fixed in testing at time of DSA
+         - exim 3.36-13
+         NOTE: not fixed in testing at time of DSA
+ [11 Jan 2005] DSA-634-1 hylafax - weak hostname and username validation
+         {CAN-2004-1182}
+         - hylafax 4.2.1-1
+         NOTE: fixed in testing at time of DSA
+ [11 Jan 2005] DSA-633-1 bmv - insecure temporary file
+         {CAN-2003-0014}
+         - bmv 1.2-17
+         NOTE: fixed in testing at time of DSA
+ [10 Jan 2005] DSA-632-1 linpopup - buffer overflow
+         {CAN-2004-1282}
+         - linpopup 1.2.0-7
+         NOTE: fixed in testing at time of DSA
+ [10 Jan 2005] DSA-631-1 kdelibs - unsanitised input
+         {CAN-2004-1165}
+         - kdelibs 4:3.3.2-1
+         NOTE: not fixed in testing at time of DSA
+ [10 Jan 2005] DSA-630-1 lintian - insecure temporary directory
+         {CAN-2004-1000}
+         - lintian 1.23.6
+         NOTE: not fixed in testing at time of DSA
+ [07 Jan 2005] DSA-629-1 krb5 - buffer overflow
+         {CAN-2004-1189}
+         - krb5 1.3.6-1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-628-1 imlib2 - integer overflows
+         {CAN-2004-1026}
+         - imlib2 1.1.2-2.1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-627-1 namazu2 - unsanitised input
+         {CAN-2004-1318}
+         - namazu2 2.0.14-1
+         NOTE: not fixed in testing at time of DSA
+ [06 Jan 2005] DSA-626-1 tiff - unsanitised input
+         {CAN-2004-1183}
+         - libtiff4 3.6.1-5
+         NOTE: not fixed in testing at time of DSA
+ [05 Jan 2005] DSA-625-1 pcal - buffer overflows
+         {CAN-2004-1289}
+         - pcal 4.8.0-1
+         NOTE: not fixed in testing at time of DSA
+ [05 Jan 2005] DSA-624-1 zip - buffer overflow
+         {CAN-2004-1010}
+         - zip 2.30-8
+         NOTE: fixed in testing at time of DSA
+ [04 Jan 2005] DSA-623-1 nasm - buffer overflow
+         {CAN-2004-1287}
+         - nasm 0.98.38-1.1
+ [03 Jan 2005] DSA-622-1 htmlheadline - insecure temporary files
+         {CAN-2004-1181}
+         NOTE: not in unstable
+ [31 Dec 2004] DSA-621-1 cupsys - buffer overflow
+         {CAN-2004-1125}
+         - cupsys 1.1.22-2
+ [30 Dec 2004] DSA-620-1 perl - insecure temporary files / directories
+         {CAN-2004-0452 CAN-2004-0976}
+         - perl 5.8.4-5
+ [30 Dev 2004] DSA-619-1 xpdf - buffer overflow
+         {CAN-2004-1125}
+         - xpdf 3.00-11
+ [24 Dec 2004] DSA-618-1 imlib - buffer overflows, integer overflows
+         {CAN-2004-1025 CAN-2004-1026}
+         - imlib 1.9.14-17.1
+         - imlib-png2 1.9.14-16.1
+ [24 Dec 2004] DSA-617-1 libtiff - insufficient input validation
+         {CAN-2004-1308}
+         - libtiff4 3.6.1-4
+ [23 Dec 2004] DSA-616-1 telnetd-ssl - format string
+         {CAN-2004-0998}
+         - telnetd-ssl 0.17.24+0.1-6
+ [22 Dec 2004] DSA-615-1 debmake - insecure temporary file
+         {CAN-2004-1179}
+         - debmake 3.7.7
+ [21 Dec 2004] DSA-614-1 xzgv - integer overflows
+         {CAN-2004-0994}
+         - xzgv 0.8-3
+ [21 Dec 2004] DSA-613-1 ethereal - inifinite loop
+         {CAN-2004-114}
+         - ethereal 0.10.8-1
+ [21 Dec 2004] DSA-614-1 xzgv - integer overflows
+         {CAN-2004-0994}
+         - xzgv 0.8-3
+ [20 Dec 2004] DSA-612-1 a2ps - unsanitised input
+         {CAN-2004-1170}
+         - a2ps 4.13b-4.2
+ [20 Dec 2004] DSA-611-1 htget - buffer overflow
+         {CAN-2004-0852}
+         NOTE: htget not in sarge or unstable
+ [17 Dec 2004] DSA-610-1 cscope - insecure temporary file
+         {CAN-2004-0996}
+         - cscope 15.5-1
+ [14 Dec 2004] DSA-609-1 atari800 - buffer overflows
+         {CAN-2004-1076}
+         - atari800 1.3.2-1
+ [14 Dec 2004] DSA-608-1 zgv - integer overflows, unsanitised input
+         {CAN-2004-1095 CAN-2004-0999}
+         - zgv 5.7-1.3
+         NOTE: changelog says he only patched 1095, but diff comparison
+         NOTE: shows 0999 was also fixed.
+ [10 Dec 2004] DSA-607-1 xfree86 - several
+         {CAN-2004-0914}
+         - xfree86 4.3.0.dfsg.1-9
+ [08 Dec 2004] DSA-606-1 nfs-utils - wrong signal handler
+         {CAN-2004-1014}
+         - nfs-utils 1:1.0.6-3.1
+ [06 Dec 2004] DSA-605-1 viewcvs - settings not honored
+         {CAN-2004-0915}
+         - viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.2
+ [03 Dec 2004] DSA-604-1 hpsockd - missing input sanitising
+         {CAN-2004-0993}
+         - hpsockd 0.14
+ [01 Dec 2004] DSA-603-1 openssl - insecure temporary file
+         {CAN-2004-0975}
+         - openssl 0.9.7e-3
+ [29 Nov 2004] DSA-602-1 libgd2 - integer overlow
+         {CAN-2004-0941 CAN-2004-0990}
+         NOTE: different from fixes from earlier DSA for these CANs; 2004-0941 new
+         - libgd2 2.0.33-1.1
+ [29 Nov 2004] DSA-601-1 libgd1 - integer overflow
+         {CAN-2004-0941 CAN-2004-0990}
+         NOTE: different from fixes from earlier DSA for these CANs; 2004-0941 new
+         - libgd 1.8.4-36.1
+ [25 Nov 2004] DSA-599-1 tetex-bin - integer overflows
+         {CAN-2004-0888}
+         - tetex-bin 2.0.2-23
+ [25 Nov 2004] DSA-598-1 yardradius - buffer overflow
+         {CAN-2004-0987}
+         - yardradius 1.0.20-15
+ [25 Nov 2004] DSA-597-1 cyrus-imapd - buffer overflow
+         {CAN-2004-1012 CAN-2004-1013}
+         - cyrus21-imapd 2.1.17-1
+ [24 Nov 2004] DSA-596-2 sudo - missing input sanitising
+         {CAN-2004-1051}
+         - sudo 1.6.8p3-1
+ [24 Nov 2004] DSA-596-1 sudo - missing input sanitising
+         {CAN-2004-1051}
+         - sudo 1.6.8p3-1
+ [24 Nov 2004] DSA-595-1 bnc - buffer overflow
+         {CAN-2004-1052}
+         NOTE: package not in sarge or sid
+ [17 Nov 2004] DSA-594-1 apache - buffer overflows
+         {CAN-2004-0940}
+         - apache 1.3.33-2
+ [16 Nov 2004] DSA-593-1 imagemagick - buffer overflow
+         {CAN-2004-0981}
+         - imagemagick 6:6.0.6.2-1.5
+ [12 Nov 2004] DSA-592-1 ez-ipupdate - format string
+         {CAN-2004-0980}
+         - ez-ipupdate 3.0.11b8-8
+ [09 Nov 2004] DSA-591-1 libgd2 - integer overflows
+         {CAN-2004-0990}
+         - libgd2 2.0.30-1
+ [09 Nov 2004] DSA-590-1 gnats - format string vulnerability
+         {CAN-2004-0623}
+         NOTE: DSA got version of fix for unstable wrong
+         - gnats 4.0-6.1
+ [09 Nov 2004] DSA-589-1 libgd - integer overflows
+         {CAN-2004-0990}
+         - libgd1 1.8.4-36.1
+ [08 Nov 2004] DSA-588-1 gzip - insecure temporary files
+         {CAN-2004-0970}
+         NOTE: dsa says sid not affected
+ [08 Nov 2004] DSA-587-1 freeamp - buffer overflow
+         {CAN-2004-0964}
+         NOTE: DSA says zinf not vulnerable in sarge
+ [08 Nov 2004] DSA-586-1 ruby - infinite loop
+         {CAN-2004-0983}
+         - ruby1.6 1.6.8-12
+         - ruby1.8 1.8.1+1.8.2pre2-4
  [05 Nov 2004] DSA-585-1 shadow - programming error
          {CAN-2004-1001}
          - shadow 1:4.0.3-30.3
-Line 6
+Line 724
          - dhcp 2.0pl5-19.1
  [03 Nov 2004] DSA-583-1 lvm10 - insecure temporary directory
          {CAN-2004-0972}
-         TODO: I thought this didn't really matter because the script
-         TODO: was not included in the binary package. Check or fix.
  [02 Nov 2004] DSA-582-1 libxml - buffer overflow
          {CAN-2004-0989}
          - libxml 1.8.17-9
-Line 40
+Line 756
          {CAN-2004-0888}
          - cupsys 1.1.20final+rc1-10
          {CAN-2004-0889}
-         - xpdf 3.00-9
+         - xpdf 3.00-10
-         - kpdf (unfixed; bug #278173)
+         NOTE: kpdf and kfax are fixed in sarge, bug #278173 and #280373 for reference
+         - kpdf 4:3.3.1-1
          - gpdf 2.8.0-1
+         - kfax 4:3.3.1-1
  [21 Oct 2004] DSA-572-1 ecartis - multiple
          {CAN-2004-0913}
          - ecartis 1.0.0+cvs.20030911-8
-Line 125
+Line 843
  [16 Sep 2004] DSA-548-1 imlib - unsanitised input
          {CAN-2004-0817}
          - imlib 1.9.14-17
-         - imlib+png2 1.9.14-16
+         - imlib+png2 1.9.14-16.2
  [16 Sep 2004] DSA-547-1 imagemagic - buffer overflows
          {CAN-2004-0827}
          - imagemagic 6.0.6.2-1
-Line 159
+Line 877
          - kdelibs 4:3.2.3-3.sarge.1
  [17 Aug 2004] DSA-538 rsync - unauthorised directory traversal and file access
          - rsync 2.6.2-3
- [16 Aug 2004] DSA-537 ruby -- insecure file permissions
+ [16 Aug 2004] DSA-537 ruby - insecure file permissions
          {CAN-2004-0755}
          - ruby1.8 1.8.1+1.8.2pre1-4
          HELP: is ruby1.6 vulnerable?
-Line 244
+Line 962
          {CAN-2004-0522}
          - gallery 1.4.3-pl2-1
  [30 May 2004] DSA-511 ethereal - buffer overflows
-         {CAN-2004-0176
+         {CAN-2004-0176}
          - ethereal 0.10.3-1
  [29 May 2004] DSA-510 jftpgw - format string
          {CAN-2004-0448}
-Line 391
+Line 1109
          NOTE: CAN-2004-0081 only affects 0.9.6.
          NOTE: 0.9.7d also fixes CAN-2004-0112
          - openssl 0.9.6l
+         - openssl096 0.9.6m-1
  [16 Mar 2004] DSA-464 gdk-pixbuf - broken image handling
          {CAN-2004-0111}
          - gdk-pixbuf 0.22.0-3
-Line 413
+Line 1132
          {CAN-2004-0150}
          NOTE: not affected according to DSA
  [08 Mar 2004] DSA-457 wu-ftpd - several vulnerabilities
-         CAN-2004-0148 CAN-2004-0185}
+         {CAN-2004-0148 CAN-2004-0185}
          - wu-ftpd 2.6.2-17.1
  [06 Mar 2004] DSA-456 linux-kernel-2.2.19-arm - failing function and TLB flush
          {CAN-2004-0077}
-Line 522
+Line 1241
          HELP: No idea if this is fixed, we have a new upstream version
          HELP: that came out after these advisories, but neither the debian nor
          HELP: the upstream changelog seem to mention them.
-         NOTE: Mailed maintainr.
+         NOTE: Mailed maintainer.
  [16 Jan 2004] DSA-424 mc - buffer overflow
          {CAN-2003-1023}
          - mc 1:4.6.0-4.6.1-pre1-1
-Line 547
+Line 1266
          {CAN-2003-0961 CAN-2003-0985}
          NOTE: 2.4.18 not present. Did not check newer kernels.
  [06 Jan 2004] DSA-416 fsp - buffer overflow, directory traversal
-         {CAN-2003-1022, CAN-2004-0011}
+         {CAN-2003-1022 CAN-2004-0011}
          - fsp 2.81.b18-1
  [06 Jan 2004] DSA-415 zebra - denial of service
          {CAN-2003-0795 CAN-2003-0858}
-Line 741
+Line 1460
          {CAN-2003-0461 CAN-2003-0462 CAN-2003-0476 CAN-2003-0501 CAN-2003-0550 CAN-2003-0551 CAN-2003-0552 CAN-2003-0018 CAN-2003-0619 CAN-2003-0643}
          NOTE: 2.4.18/2.4.20 not in unstable/testing. Did not check newer ones.
  [31 Jul 2003] DSA-357 wu-ftpd - remote root exploit
+         {CAN-2003-0466}
          - wu-ftpd 2.6.2-12
  [30 Jul 2003] DSA-356 xtokkaetama - buffer overflows
          {CAN-2003-0611}
-Line 1325
+Line 2045
          {CAN-2002-0838}
          - gnome-gv 1.99.7-9
  [17 Oct 2002] DSA-178 heimdal - remote command execution
-         {CAN-2002-1225, CAN-2002-1226}
+         {CAN-2002-1225 CAN-2002-1226}
          - heimdal 0.4e-21
  [17 Oct 2002] DSA-177 pam - serious security violation
          {CAN-2002-1227}
-Line 1346
+Line 2066
          {CAN-2002-1193}
          NOTE: not in testing nor unstable (was fixed in 4.0beta9-9)
  [07 Oct 2002] DSA-171 fetchmail - buffer overflows
-         {CAN-2002-1175, CAN-2002-1174}
+         {CAN-2002-1175 CAN-2002-1174}
          - fetchmail 6.1.0-1
          NOTE: fetchmail-ssl not in testing, fixed in unstable (fetchmail-ssl 6.1.0-1)
  [04 Oct 2002] DSA-170 tomcat4 - source code disclosure

 Legend:



Removed from v.84
 


changed lines


 
Added in v.1446
 Legend:



Removed from v.84
 


changed lines


 
Added in v.1446
-Removed from v.84
+Added in v.1446

	ViewVC Help
Powered by ViewVC 1.1.5