/[secure-testing]/data/DSA/list

Diff of /data/DSA/list

Parent Directory | Revision Log | View Patch Patch

-revision 452 by joeyh,
Sat Feb 19 18:25:41 2005 UTC
+revision 858 by jmm-guest,
Tue Apr 19 11:03:01 2005 UTC
 Line 1
+ [19 Apr 2005] DSA-711-1 info2www - missing input sanitising
+         {CAN-2004-1341}
+         - info2www 1.2.2.9-23
+         NOTE: fixed in testing in time of DSA
+ [18 Apr 2005] DSA-710-1 gtkhtml - null pointer dereference
+         {CAN-2003-0541}
+         - gtkhtml 1.0.4-6.2
+         NOTE: fixed in testing at time of DSA
+ [15 Apr 2005] DSA-709-1 libexif - buffer overflow
+         {CAN-2005-0664}
+         - libexif 0.6.9-5
+ [15 Apr 2005] DSA-708-1 php3 - missing input sanitising
+         {CAN-2005-0525}
+         - php3 3.0.18-31
+ [13 Apr 2005] DSA-707-1 mysql - several
+         {CAN-2004-0957 CAN-2005-0709 CAN-2005-0710 CAN-2005-0711}
+         - mysql-dfsg 4.0.24-5
+         - mysql-dfsg-4.1 4.1.10a-6
+         NOTE: not fixed in testing at time of DSA
+ [13 Apr 2005] DSA-706-1 axel - buffer overflow
+         {CAN-2005-0390}
+         - axel 1.0b-1
+         NOTE: fixed in testing in time of DSA
+ [04 Apr 2005] DSA-705-1 wu-ftpd - missing input sanitising
+         {CAN-2005-0256 CAN-2003-0854}
+         - wu-ftpd 2.6.2-19
+ [04 Apr 2005] DSA-704-1 remstats - tempfile, missing input sanitising
+         {CAN-2005-0387 CAN-2005-0388}
+         - remstats 1.0.13a-5
+         NOTE: not fixed in testing at time of DSA
+ [01 Apr 2005] DSA-703-1 krb5 - buffer overflows
+         {CAN-2005-0468 CAN-2005-0469}
+         - krb5 1.3.6-1
+ [01 Apr 2005] DSA-702-1 imagemagick - several
+         {CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0762}
+         - imagemagick 6.0.6.2-2.2
+ [31 Mar 2005] DSA-701-1 samba - integer overflows
+         {CAN-2004-1154}
+         - samba 3.0.10-1
+ [30 Mar 2005] DSA-700-1 mailreader - missing input sanitising
+         {CAN-2005-0386}
+         - mailreader 2.3.29-11
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-699-1 netkit-telnet-ssl - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet-ssl 0.17.24+0.1-7.1
+         NOTE: not fixed in testing at time of DSA
+ [29 Mar 2005] DSA-698-1 mc - buffer overflow
+         {CAN-2005-0763}
+         NOTE: Not clear which unstable/testing version fixed this,
+         NOTE: but advisory says it's fixed.
+ [29 Mar 2005] DSA-697-1 netkit-telnet - buffer overflow
+         {CAN-2005-0469}
+         - netkit-telnet 0.17-28
+         NOTE: not fixed in testing at time of DSA
+ [22 Mar 2005] DSA-696-1 perl - design flaw
+         {CAN-2005-0448}
+         - perl 5.8.4-8
+         NOTE: fixed in testing at time of DSA
+ [21 Mar 2005] DSA-695-1 xli - buffer overflow, input sanitising, integer overflow
+         {CAN-2001-0775 CAN-2005-0638 CAN-2005-0639}
+         - xli 1.17.0-18
+         NOTE: not fixed in testing at time of DSA
+ [21 Mar 2005] DSA-694-1 xloadimage - missing input sanitising, integer overflow
+         {CAN-2005-0638 CAN-2005-0639}
+         - xloadimage 4.1-14.2
+         NOTE: not fixed in testing at time of DSA
+ [14 Mar 2005] DSA-693-1 luxman - buffer overflow
+         {CAN-2005-0385}
+         NOTE: not fixed in testing at time of DSA
+         NOTE: not in unstable at time of DSA though DSA claimed it was
+         - luxman 0.41-20
+ [14 Mar 2005] DSA-662-2 squirrelmail - several
+         NOTE: only an update to a prior DSA, did not affct sid/sarge.
+ [08 Mar 2005] DSA-692-1 kppp - design flaw
+         {CAN-2005-0205}
+         - kppp 4:3.1.6
+         NOTE: fixed in testing at time of DSA
+ [07 Mar 2005] DSA-691-1 abuse - several
+         {CAN-2005-0098 CAN-2005-0099}
+         NOTE: not in unstable/testing
+ [25 Feb 2005] DSA-690-1 bsmtpd - missing input sanitising
+         {CAN-2005-0107}
+         - bsmtpd 2.3pl8b-16
+         NOTE: not fixed in testing at time of DSA
+ [23 Feb 2005] DSA-689-1 libapache-mod-python - missing input sanitising
+         {CAN-2005-0088}
+         - libapache-mod-python 2.7.10-4
+         NOTE: fixed in testing at time of DSA
+         - libapache2-mod-python 3.1.3-3
+         NOTE: fixed in testing at time of DSA
+ [23 Feb 2005] DSA-688-1 squid - mising input sanitising
+         {CAN-2005-0446}
+         - squid 2.5.8-3
+         NOTE: fixed in testing at time of DSA
+ [21 Feb 2005] DSA-674-3 mailman - cross-site scripting, directory traversal
+         NOTE: only fixed bug in DSA
  [18 Feb 2005] DSA-687-1 bidwatcher - format string
          {CAN-2005-0158}
          - bidwatcher 1.3.17-1
-Line 201
+Line 298
          {CAN-2004-1004 CAN-2004-1005 CAN-2004-1009 CAN-2004-1090 CAN-2004-1091 CAN-2004-1092 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2004-1176}
          NOTE: unstable not vulnerable according to DSA
          NOTE: DSA was wrong..
-         - mc (unfixed; bug #295261)
+         - mc 1:4.6.0-4.6.1-pre3-1
          NOTE: not fixed in testing at time of DSA
  [13 Jan 2005] DSA-638-1 gopher - several
          {CAN-2004-0560 CAN-2004-0561}
-Line 331
+Line 428
          - hpsockd 0.14
  [01 Dec 2004] DSA-603-1 openssl - insecure temporary file
          {CAN-2004-0975}
-         - openssl 0.9.7e-1
+         - openssl 0.9.7e-3
  [29 Nov 2004] DSA-602-1 libgd2 - integer overlow
          {CAN-2004-0941 CAN-2004-0990}
          NOTE: different from fixes from earlier DSA for these CANs; 2004-0941 new
-Line 633
+Line 730
          {CAN-2004-0522}
          - gallery 1.4.3-pl2-1
  [30 May 2004] DSA-511 ethereal - buffer overflows
-         {CAN-2004-0176
+         {CAN-2004-0176}
          - ethereal 0.10.3-1
  [29 May 2004] DSA-510 jftpgw - format string
          {CAN-2004-0448}

 Legend:



Removed from v.452
 


changed lines


 
Added in v.858
 Legend:



Removed from v.452
 


changed lines


 
Added in v.858
-Removed from v.452
+Added in v.858

	ViewVC Help
Powered by ViewVC 1.1.5