/[secure-testing]/sarge-checks/CAN/list

Diff of /sarge-checks/CAN/list

Parent Directory | Revision Log | View Patch Patch

-revision 75 by stef-guest,
Thu Nov  4 20:20:53 2004 UTC
+revision 127 by joeyh,
Wed Nov 17 19:13:26 2004 UTC
 Line 1
+ CAN-2004-1033
+         NOTE: not in database yet
+         NOTE: bugtraq 1CE07882ECEE894CA2D5A89B8DEBC4010A2DD3@porgy.admin.idefense.com
+         - fcron 2.9.5.1 (unfixed; bug #281436)
+ CAN-2004-1032
+         NOTE: not in database yet
+         NOTE: bugtraq 1CE07882ECEE894CA2D5A89B8DEBC4010A2DD3@porgy.admin.idefense.com
+         - fcron 2.9.5.1 (unfixed; bug #281436)
+ CAN-2004-1031
+         NOTE: not in database yet
+         NOTE: bugtraq 1CE07882ECEE894CA2D5A89B8DEBC4010A2DD3@porgy.admin.idefense.com
+         - fcron 2.9.5.1 (unfixed; bug #281436)
+ CAN-2004-1030
+         NOTE: not in database yet
+         NOTE: bugtraq 1CE07882ECEE894CA2D5A89B8DEBC4010A2DD3@porgy.admin.idefense.com
+         - fcron 2.9.5.1 (unfixed; bug #281436)
+ CAN-2004-1024
+         NOTE: reserved
+ CAN-2004-1023
+         NOTE: reserved
+ CAN-2004-1022
+         NOTE: reserved
+ CAN-2004-1021
+         NOTE: reserved
+ CAN-2004-1020
+         NOTE: reserved
+ CAN-2004-1019
+         NOTE: reserved
+ CAN-2004-1018
+         NOTE: reserved
+ CAN-2004-1017
+         NOTE: reserved
+ CAN-2004-1016
+         NOTE: reserved
+ CAN-2004-1015
+         NOTE: reserved
+ CAN-2004-1014
+         NOTE: reserved
+ CAN-2004-1013
+         NOTE: reserved
+ CAN-2004-1012
+         NOTE: reserved
+ CAN-2004-1011
+         NOTE: reserved
+ CAN-2004-1010
+         - zip 2.30-7
+ CAN-2004-1009
+         NOTE: reserved
  CAN-2004-1008
          NOTE: reserved
  CAN-2004-1007
-Line 5 
 CAN-2004-1007
+Line 54 
 CAN-2004-1007
  CAN-2004-1006
          NOTE: reserved
          NOTE: covered by DSA-584-1
+         - dhcp 2.0pl5-19.1
  CAN-2004-1005
          NOTE: reserved
  CAN-2004-1004
-Line 36 
 CAN-2004-0992
+Line 86 
 CAN-2004-0992
  CAN-2004-0991
          NOTE: reserved
  CAN-2004-0990
-         TODO: probably vulnerable, check libgd1 and libgd2 and file bugs
+         NOTE: covered by DSA-589-1
+         NOTE: covered by DSA-591-1
  CAN-2004-0989
          NOTE: covered by DSA-582-1
  CAN-2004-0988
-Line 45 
 CAN-2004-0987
+Line 96 
 CAN-2004-0987
          NOTE: reserved
  CAN-2004-0986
          NOTE: reserved
+         - iptables 1.2.11-4
  CAN-2004-0985
          NOTE: not-for-us (windows)
  CAN-2004-0984
          NOTE: reserved
+         - mailutils 1:0.5-4
  CAN-2004-0983
          NOTE: reserved
+         - ruby1.8 1.8.1+1.8.2pre2-4
+         - ruby1.6 1.6.8-12
  CAN-2004-0982
          NOTE: reserved
+         - mpg123 0.59r-17
  CAN-2004-0981
          NOTE: reserved
+         - imagemagick 6:6.0.6.2-1.5
+         NOTE: covered by DSA-593-1
  CAN-2004-0980
          NOTE: reserved
+         - ez-ipupdate 3.0.11b8-8
  CAN-2004-0979
          NOTE: not-for-us (windows)
  CAN-2004-0978
          NOTE: not-for-us (windows)
- CAN-2004-0977 [local; low]
+ CAN-2004-0977
          - postgresql 7.4.6-1
- CAN-2004-0976 [local; low]
+ CAN-2004-0976
-         - perl (unfixed; bug #278404)
+         - perl 5.8.4-4
- CAN-2004-0975 [local; low]
+ CAN-2004-0975
-         - openssl (unfixed; bug #278260)
+         - openssl 0.9.7e-1
+         NOTE: also includes other security fixes than this CAN
  CAN-2004-0974 [local; low]
          - netatalk 1.6.4a-1
  CAN-2004-0973
          NOTE: rejected
  CAN-2004-0972
          NOTE: lvmcreate_initrd not in debian
- CAN-2004-0971 [local; low]
+ CAN-2004-0971
          - kbr5 (unfixed; bug #278271; not shipped in binary package)
          - arla 0.36.2-11
- CAN-2004-0970 [local; medium]
+ CAN-2004-0970
          NOTE: sarge is not vulnerable as our version uses set -C
- CAN-2004-0969 [local; medium]
+ CAN-2004-0969
          - groff 1.18.1.1-2
- CAN-2004-0968 [local; medium]
+ CAN-2004-0968
          - libc6 (unfixed; bug #278278)
- CAN-2004-0967 [local; medium]
+ CAN-2004-0967
          - gs-common 0.3.6-0.1
- CAN-2004-0966 [local; medium]
+ CAN-2004-0966
          - gettext 0.14.1-6
  CAN-2004-0965
          NOTE: reserved
  CAN-2004-0964
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
+         NOTE: DSA says zinf not vulnerable in sarge
          - zinf 2.2.5
  CAN-2004-0963
          NOTE: not-for-us (windows)
-Line 106 
 CAN-2004-0957
+Line 168 
 CAN-2004-0957
          - mysql-dfsg 3.23.58
          - mysql 3.23.58
  CAN-2004-0956
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          NOTE: reserved
  CAN-2004-0955
          NOTE: reserved
-Line 136 
 CAN-2004-0943
+Line 199 
 CAN-2004-0943
          NOTE: reserved
  CAN-2004-0942
          NOTE: reserved
+         - apache2 2.0.52-2
  CAN-2004-0941
          NOTE: reserved
  CAN-2004-0940
          NOTE: reserved
+         - apache 1.3.33-2
  CAN-2004-0939
          NOTE: reserved
  CAN-2004-0938
-Line 160 
 CAN-2004-0931
+Line 225 
 CAN-2004-0931
          NOTE: reserved
  CAN-2004-0930
          NOTE: reserved
+         NOTE: according to bugtraq post, this is a DOS in samba 3.0.x <= 3.0.7
+         NOTE: newer version in testing
  CAN-2004-0929
          NOTE: reserved
  CAN-2004-0928
-Line 263 
 CAN-2004-0890
+Line 330 
 CAN-2004-0890
  CAN-2004-0889
          NOTE: reserved
          NOTE: covered by DSA-573-1
+         - 3.00-10
  CAN-2004-0888
          NOTE: reserved
          NOTE: covered by DSA-573-1
-Line 275 
 CAN-2004-0886
+Line 343 
 CAN-2004-0886
          NOTE: reserved
          NOTE: covered by DSA-567-1
  CAN-2004-0885
-         - apache2 2.0.53
+         - apache2 2.0.52-2
  CAN-2004-0884
          NOTE: covered by DSA-563-1
  CAN-2004-0883
          NOTE: reserved
  CAN-2004-0882
          NOTE: reserved
+         NOTE: details http://security.e-matters.de/advisories/132004.html
+         - samba 3.0.7
  CAN-2004-0881
          NOTE: covered by DSA-553-1
  CAN-2004-0880
-Line 348 
 CAN-2004-0851
+Line 418 
 CAN-2004-0851
  CAN-2004-0850
          - star 1.5a46
  CAN-2004-0849
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          HELP: which radius daemon in debian is "GNU Radius" (if any)?
  CAN-2004-0848
          NOTE: reserved
-Line 394 
 CAN-2004-0828
+Line 465 
 CAN-2004-0828
          NOTE: not-fos-us (AIX)
  CAN-2004-0827
          NOTE: covered by DSA-547-1
+         - imagemagick 5:6.0.7.1-1
  CAN-2004-0826
          NOTE: not-for-us (netscape NSS)
  CAN-2004-0825
-Line 412 
 CAN-2004-0819
+Line 484 
 CAN-2004-0819
          NOTE: not-for-us (openbsd)
  CAN-2004-0818
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          NOTE: reserved
  CAN-2004-0817
          NOTE: covered by DSA-548-1
-Line 442 
 CAN-2004-0806
+Line 515 
 CAN-2004-0806
          - cdrtools 4:2.0+a34-2
  CAN-2004-0805
          NOTE: covered by DSA-564-1
+         - mpg123 0.59r-16
  CAN-2004-0804
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          NOTE: covered by DSA-567-1
  CAN-2004-0803
          NOTE: reserved
-Line 480 
 CAN-2004-0788
+Line 555 
 CAN-2004-0788
  CAN-2004-0787
          NOTE: not-for-us (seems OpenCA is not in Debian)
  CAN-2004-0786
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          - apache2 2.0.51
  CAN-2004-0785
          - gaim 0.82
-Line 499 
 CAN-2004-0779
+Line 575 
 CAN-2004-0779
  CAN-2004-0778
          - cvs 1.12.9
  CAN-2004-0777
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          - courier-imap 2.2.2
  CAN-2004-0776
          NOTE: reserved
-Line 568 
 CAN-2004-0749
+Line 645 
 CAN-2004-0749
  CAN-2004-0748
          - apache2 2.0.51
  CAN-2004-0747
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
          - apache2 2.0.51
  CAN-2004-0746
          - kdelibs 4:3.2.3-3.sarge.1
          NOTE: in t-p-u; 4.3.3 in unstable also fixes it
  CAN-2004-0745
-         TODO: unsure if fixed, probably not. Mailed lha maintainer.
+         - lha 1.14i-10
-         NOTE: GOTO says first he heard of it, is checking.
  CAN-2004-0744
          NOTE: not-for-us (MacOS)
  CAN-2004-0743
-Line 680 
 CAN-2004-0695
+Line 757 
 CAN-2004-0695
          NOTE: not-for-us (WebSTAR)
  CAN-2004-0694
          NOTE: reserved
+         - lha 1.14i-10
  CAN-2004-0693
          NOTE: covered by DSA-542-1
  CAN-2004-0692
-Line 752 
 CAN-2004-0660
+Line 830 
 CAN-2004-0660
  CAN-2004-0659
          NOTE: not-for-us (mplayer)
  CAN-2004-0658
-         TODO: what kernel version fixed this?
+         NOTE: invalid according to www.osvdb.org/7253
  CAN-2004-0657
          - ntp 4.0
  CAN-2004-0656
-Line 833 
 CAN-2004-0621
+Line 911 
 CAN-2004-0621
  CAN-2004-0620
          NOTE: not-for-us (vBulletin)
  CAN-2004-0619
-         TODO: unchecked
+         NOTE: not-for-us (Linux Broadcom 5820 cryptonet driver)
+         NOTE: does not seem to be part of linux kernel or other package
  CAN-2004-0618
          NOTE: not-for-us (freebsd)
  CAN-2004-0617
-Line 924 
 CAN-2004-0578
+Line 1003 
 CAN-2004-0578
  CAN-2004-0577
          NOTE: not-for-us (Wingate)
  CAN-2004-0576
-         HELP: which one is GNU radius?
+         NOTE: not-for-us (GNU radius not in Debian)
-         TODO: unchecked
  CAN-2004-0575
          NOTE: not-for-us (Windows)
  CAN-2004-0574
-Line 1097 
 CAN-2004-0493
+Line 1175 
 CAN-2004-0493
          - apache2 2.0.50-1
  CAN-2004-0492
          NOTE: covered by DSA-525
+         - apache 1.3.31-2
  CAN-2004-0491
          NOTE: reserved
  CAN-2004-0490
-Line 1294 
 CAN-2004-0401
+Line 1373 
 CAN-2004-0401
          - libtasn1 0.1.2-2
  CAN-2004-0400
          NOTE: covered by DSA-501
+         - exim 3.36-11
  CAN-2004-0399
          NOTE: covered by DSA-501
+         - exim 3.36-11
  CAN-2004-0398
          NOTE: covered by DSA-506
-Line 1704 
 CAN-2004-0186
+Line 1785 
 CAN-2004-0186
          NOTE: covered by DSA-463
  CAN-2004-0184
          NOTE: covered by DSA-478
+         - tcpdump 3.7.2-4
  CAN-2004-0183
          NOTE: covered by DSA-478
+         - tcpdump 3.7.2-4
  CAN-2004-0182
          NOTE: not-for-us (mailman; RedHat specific bug)
  CAN-2004-0181
-Line 2329 
 begin claimed by pdwerryh-guest
+Line 2412 
 begin claimed by pdwerryh-guest
  CAN-2003-0899
          NOTE: covered by DSA-396
  CAN-2003-0898
+         NOTE: not-for-us (IBM DB2)
  CAN-2003-0897
+         NOTE: not-for-us (microsoft)
  CAN-2003-0896
+         NOTE: not-for-us (Sun/Java)
  CAN-2003-0895
+         NOTE: not-for-us (Apple)
  CAN-2003-0894
+         NOTE: not-for-us (Oracle)
  CAN-2003-0893
          NOTE: reserved
  CAN-2003-0892
-Line 2354 
 CAN-2003-0885
+Line 2442 
 CAN-2003-0885
  CAN-2003-0884
          NOTE: reserved
  CAN-2003-0883
+         NOTE: not-for-us (Apple)
  CAN-2003-0882
+         NOTE: not-for-us (Apple)
  CAN-2003-0881
+         NOTE: not-for-us (Apple)
  CAN-2003-0880
+         NOTE: not-for-us (Apple)
  CAN-2003-0879
          NOTE: rejected
  CAN-2003-0878
+         NOTE: not-for-us (Apple)
  CAN-2003-0877
+         NOTE: not-for-us (Apple)
  CAN-2003-0876
- CAN-2003-0875
+         NOTE: not-for-us (Apple)
+ CAN-2003-0875 [source package only]
+         NOTE: openslp: slpd.all_init symlink vuln
+         NOTE: this file is not used in Debian, so it's not a problem for us.
+         NOTE: source package still distributes the file, however.
+         TODO: submitted to BTS. waiting for response.
+         - openslp (unfixed; bug #279973; only problem in source package)
  CAN-2003-0874
+         NOTE: not-for-us (Deskpro)
  CAN-2003-0873
          NOTE: reserved
  CAN-2003-0872
+         NOTE: not-for-us (SCO)
  CAN-2003-0871
+         NOTE: not-for-us (Apple)
  CAN-2003-0870
+         NOTE: not-for-us (Opera)
  CAN-2003-0869
          NOTE: reserved
  CAN-2003-0868
-Line 2379 
 CAN-2003-0866
+Line 2483 
 CAN-2003-0866
          NOTE: covered by DSA-395
  CAN-2003-0865
          NOTE: covered by DSA-435
+         - mpg123 0.59r-15
  CAN-2003-0864
+         - ircd-irc2 2.10.3p5-1
  CAN-2003-0863
+         NOTE: php4, this bug appears not to have been fixed.
+         NOTE: submitted to BTS on libapache-mod-php4
+         TODO: waiting for response
  CAN-2003-0862
          NOTE: rejected
  CAN-2003-0861
+         - php4 4:4.3.3-1
  CAN-2003-0860
+         - php4 4:4.3.3-1
  CAN-2003-0859
+         NOTE: affects glibc 2.2.4, Debian uses 2.3.2
  CAN-2003-0858
          NOTE: covered by DSA-415
  CAN-2003-0857
          NOTE: reserved
  CAN-2003-0856
          NOTE: covered by DSA-492
+         - iproute 20010824-13.1
  CAN-2003-0855
+         - pan 0.13.4-1
  CAN-2003-0854
+         - coreutils 5.2.1-1
  CAN-2003-0853
+         - coreutils 5.2.1-1
  CAN-2003-0852
+         - sylpheed-claws 0.9.8claws-1
  CAN-2003-0851
+         NOTE: affects openssl 0.9.6. Testing uses 0.9.7.
  CAN-2003-0850
          NOTE: covered by DSA-410
+         - libnids1 1.18-1
  CAN-2003-0849
+         - cfengine2 2.0.9+2.1.0b3-1
  CAN-2003-0848
          NOTE: covered by DSA-428
+         - slocate 2.7-3
  CAN-2003-0847
+         NOTE: not-for-us (SuSE)
  CAN-2003-0846
+         NOTE: not-for-us (SuSE)
  CAN-2003-0845
+         NOTE: not-for-us (JBoss)
  CAN-2003-0844
+         NOTE: libapache-mod-gzip, vulnerable only when compiled in debug mode
+         NOTE: Debian doesn't enable MOD_GZIP_DEBUG1.
  CAN-2003-0843
+         NOTE: libapache-mod-gzip, vulnerable only when compiled in debug mode
+         NOTE: Debian doesn't enable MOD_GZIP_DEBUG1.
  CAN-2003-0842
+         NOTE: libapache-mod-gzip, vulnerable only when compiled in debug mode
+         NOTE: Debian doesn't enable MOD_GZIP_DEBUG1.
  CAN-2003-0841
+         NOTE: not-for-us (Peoplesoft)
  CAN-2003-0840
+         NOTE: not-for-us (HPUX)
  CAN-2003-0839
+         NOTE: not-for-us (microsoft)
  CAN-2003-0838
+         NOTE: not-for-us (microsoft)
  CAN-2003-0837
+         NOTE: not-for-us (IBM DB2)
  CAN-2003-0836
+         NOTE: not-for-us (IBM DB2)
  CAN-2003-0835
+         NOTE: not-for-us (mplayer)
  CAN-2003-0834
+         NOTE: not-for-us (CDE)
  CAN-2003-0833
          NOTE: covered by DSA-392
+         - webfs 1.20
  CAN-2003-0832
          NOTE: covered by DSA-392
+         - webfs 1.20
  CAN-2003-0831
+         - proftpd 1.2.9-1
  CAN-2003-0830
          NOTE: covered by DSA-390
+         NOTE: marbles package not in testing or unstable
  CAN-2003-0829
          NOTE: reserved
  CAN-2003-0828
          NOTE: covered by DSA-391
+         - freesweep 0.88-4.1
  CAN-2003-0827
+         NOTE: not-for-us (IBM DB2)
  CAN-2003-0826
+         - lsh-server 1.4.2-6
  CAN-2003-0824
+         NOTE: not-for-us (microsoft)
  CAN-2003-0823
+         NOTE: not-for-us (microsoft)
  CAN-2003-0822
+         NOTE: not-for-us (microsoft)
  CAN-2003-0821
+         NOTE: not-for-us (microsoft)
  CAN-2003-0820
+         NOTE: not-for-us (microsoft)
  CAN-2003-0819
+         NOTE: not-for-us (microsoft)
  CAN-2003-0818
+         NOTE: not-for-us (microsoft)
  CAN-2003-0817
+         NOTE: not-for-us (microsoft)
  CAN-2003-0816
+         NOTE: not-for-us (microsoft)
  CAN-2003-0815
+         NOTE: not-for-us (microsoft)
  CAN-2003-0814
+         NOTE: not-for-us (microsoft)
  CAN-2003-0813
+         NOTE: not-for-us (microsoft)
  CAN-2003-0812
+         NOTE: not-for-us (microsoft)
  CAN-2003-0811
          NOTE: reserved
  CAN-2003-0810
          NOTE: reserved
  CAN-2003-0809
-         - apache2 2.0.51
+         NOTE: not-for-us (microsoft)
  CAN-2003-0808
          NOTE: reserved
  CAN-2003-0807
+         NOTE: not-for-us (microsoft)
  CAN-2003-0806
+         NOTE: not-for-us (microsoft)
  CAN-2003-0805
          NOTE: covered by DSA-387
+         NOTE: gopherd not in testing or unstable (deprecated)
  CAN-2003-0804
+         NOTE: not-for-us (BSD)
  CAN-2003-0803
+         NOTE: not-for-us (Nokia)
  CAN-2003-0802
+         NOTE: not-for-us (Nokia)
  CAN-2003-0801
+         NOTE: not-for-us (Nokia)
  CAN-2003-0800
          NOTE: reserved
-Line 2671 
 CAN-2003-0699
+Line 2836 
 CAN-2003-0699
          NOTE: fixed in 2.4.21-rc2
  CAN-2003-0698
          NOTE: reserved
+         - exim 3.36-8
  CAN-2003-0697
          NOTE: not-for-us (AIX)
  CAN-2003-0696
-Line 2683 
 CAN-2003-0694
+Line 2849 
 CAN-2003-0694
  CAN-2003-0693
          NOTE: covered by DSA-382
          NOTE: covered by DSA-383
+         - openssh 1:3.6.1p2-6.0
  CAN-2003-0692
          NOTE: covered by DSA-388
  CAN-2003-0691
-Line 2707 
 CAN-2003-0683
+Line 2874 
 CAN-2003-0683
  CAN-2003-0682
          NOTE: covered by DSA-382
          NOTE: covered by DSA-383
+         - openssh 1:3.6.1p2-9
  CAN-2003-0681
          NOTE: covered by DSA-384
  CAN-2003-0680
-Line 2871 
 CAN-2003-0601
+Line 3039 
 CAN-2003-0601
          NOTE: not-for-us (Apple)
  CAN-2003-0600
          NOTE: reserved
- begin claimed by joeyh
  CAN-2003-0599
          NOTE: covered by DSA-365
  CAN-2003-0598
          NOTE: rejected
  CAN-2003-0597
-         TODO: check
+         NOTE: not-for-us (Unixware)
  CAN-2003-0596
-         NOTE: covered by DSA-352
+         - fdclone 2.02a
  CAN-2003-0595
-         TODO: check
+         NOTE: not-for-us (WiTango Application Server and Tango 2000)
  CAN-2003-0594
+         NOTE: cannot find reference to it being fixed.
          TODO: check
  CAN-2003-0593
-         TODO: check
+         NOTE: not-for-us (opera)
  CAN-2003-0592
          NOTE: covered by DSA-459
  CAN-2003-0591
          NOTE: rejected
  CAN-2003-0590
-         TODO: check
+         NOTE: not-for-us (Splatt Forum)
  CAN-2003-0589
-         TODO: check
+         NOTE: not-for-us (Digi-ads)
  CAN-2003-0588
-         TODO: check
+         NOTE: not-for-us (Digi-news)
  CAN-2003-0587
-         TODO: check
+         NOTE: not-for-us (Infopop Ultimate Bulletin Board (UBB))
  CAN-2003-0586
-         TODO: check
+         NOTE: not-for-us (Brooky eStore)
  CAN-2003-0585
-         TODO: check
+         NOTE: not-for-us (Brooky eStore)
  CAN-2003-0584
-         TODO: check
+         NOTE: not-for-us (BRU)
  CAN-2003-0583
-         - usermin 1.090-1
+         NOTE: not-for-us (BRU)
  CAN-2003-0582
          NOTE: rejected
  CAN-2003-0581
          NOTE: covered by DSA-360
  CAN-2003-0580
-         TODO: check
+         NOTE: not-for-us (IBM U2 UniVerse)
  CAN-2003-0579
-         TODO: check
+         NOTE: not-for-us (IBM U2 UniVerse)
  CAN-2003-0578
-         TODO: check
+         NOTE: not-for-us (IBM U2 UniVerse)
  CAN-2003-0577
-         TODO: check
+         - mpg123 0.59r-1
  CAN-2003-0576
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0575
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0574
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0573
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0572
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0571
          NOTE: reserved
  CAN-2003-0570
-Line 2939 
 CAN-2003-0569
+Line 3105 
 CAN-2003-0569
  CAN-2003-0568
          NOTE: reserved
  CAN-2003-0567
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0566
          NOTE: reserved
  CAN-2003-0565
-         TODO: check
+         NOTE: affects many implementations of the X.400 protocol
+         TODO: see if anything in debian uses X.400 and is vulnerable.
  CAN-2003-0564
-         TODO: check
+         NOTE: affects multiple S/MIME implementations
+         NOTE: checked current mozilla, which contains safe NSS 3.9.1
+         - mozilla 2:1.7.3
+         TODO: see if anything else in debian uses S/MIME and is vulnerable.
  CAN-2003-0563
          NOTE: reserved
  CAN-2003-0562
-         TODO: check
+         NOTE: not-for-us (Novell Netware)
  CAN-2003-0561
-         TODO: check
+         NOTE: not-for-us (IglooFTP)
  CAN-2003-0560
-         TODO: check
+         NOTE: not-for-us (VP-ASP)
  CAN-2003-0559
-         TODO: check
+         NOTE: not-for-us (phpforum)
  CAN-2003-0558
-         TODO: check
+         NOTE: not-for-us (LeapFTP)
  CAN-2003-0557
-         TODO: check
+         NOTE: not-for-us (StoreFront)
  CAN-2003-0556
-         TODO: check
+         NOTE: not-for-us (Polycom MGC)
  CAN-2003-0555
-         TODO: check
+         NOTE: imagemagick %x exploit failed with 6.0.6.2-1.5
  CAN-2003-0554
-         TODO: check
+         NOTE: not-for-us (NeoModus Direct Connect)
  CAN-2003-0553
-         TODO: check
+         NOTE: not-for-us (Netscape)
  CAN-2003-0552
          NOTE: covered by DSA-358
          NOTE: fixed in 2.4.22-pre3
-Line 2978 
 CAN-2003-0550
+Line 3148 
 CAN-2003-0550
          NOTE: covered by DSA-358
          NOTE: fixed in 2.4.22-pre3
  CAN-2003-0549
-         TODO: check
+         - gdm 2.4.1.5
  CAN-2003-0548
-         TODO: check
+         - gdm 2.4.1.5
  CAN-2003-0547
-         TODO: check
+         - gdm 2.4.1.5
  CAN-2003-0546
-         TODO: check
+         NOTE: not-for-us (up2date)
  CAN-2003-0545
          NOTE: covered by DSA-393
  CAN-2003-0544
-Line 2993 
 CAN-2003-0543
+Line 3163 
 CAN-2003-0543
          NOTE: covered by DSA-393
  CAN-2003-0542
          - apache2 2.0.48
+         - apache 1.3.29
  CAN-2003-0541
-         - squid 2.5.5-5
+         NOTE: does not affect evolution on debian
+         - gtkhtml (unfixed; bug #279726)
  CAN-2003-0540
          NOTE: covered by DSA-363
  CAN-2003-0539
-Line 3010 
 CAN-2003-0535
+Line 3182 
 CAN-2003-0535
  CAN-2003-0534
          NOTE: reserved
  CAN-2003-0533
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0532
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0531
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0530
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0529
          NOTE: reserved
  CAN-2003-0528
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0527
          NOTE: reserved
  CAN-2003-0526
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0525
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0524
-         TODO: check
+         NOTE: appears specific to the knoppix CD
  CAN-2003-0523
-         TODO: check
+         NOTE: not-for-us (ProductCart)
  CAN-2003-0522
-         TODO: check
+         NOTE: not-for-us (ProductCart)
  CAN-2003-0521
-         TODO: check
+         NOTE: not-for-us (cPanel is not our cpanel)
  CAN-2003-0520
-         TODO: check
+         NOTE: not-for-us (Trillian)
  CAN-2003-0519
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0518
-         TODO: check
+         NOTE: not-for-us (MacOS)
  CAN-2003-0517
-         TODO: check
+         - mgetty 1.1.29
  CAN-2003-0516
-         TODO: check
+         - mgetty 1.1.29
  CAN-2003-0515
          NOTE: covered by DSA-347
  CAN-2003-0514
-         TODO: check
+         NOTE: not-for-us (Safari)
  CAN-2003-0513
-         TODO: check
+         NOTE: not-for-us (MSIE)
  CAN-2003-0512
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0511
-         TODO: check
+         NOTE not-for-us (Cisco Aironet AP1x00 Series Wireless devices)
  CAN-2003-0510
-         TODO: check
+         NOTE: not-for-us (ezbounce)
  CAN-2003-0509
-         TODO: check
+         NOTE: not-for-us (Cyberstrong eShop)
  CAN-2003-0508
-         TODO: check
+         NOTE: not-for-us (acroread)
  CAN-2003-0507
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0506
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0505
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0504
          NOTE: covered by DSA-365
  CAN-2003-0503
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0502
-         TODO: check
+         NOTE: not-for-us (Apple Quicktime)
  CAN-2003-0501
          NOTE: covered by DSA-358
          NOTE: fixed in 2.4.22-pre10
  CAN-2003-0500
          NOTE: covered by DSA-338
- end claimed by joeyh
- begin claimed by stef-guest
  CAN-2003-0499
          NOTE: covered by DSA-335
  CAN-2003-0498
-         TODO: check
+         NOTE: not-for-us (Intersystems Cache database)
  CAN-2003-0497
-         TODO: check
+         NOTE: not-for-us (Intersystems Cache database)
  CAN-2003-0496
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0495
-         TODO: check
+         NOTE: not-for-us (lednews; not in debian)
  CAN-2003-0494
-         TODO: check
+         NOTE: not-for-us (snitz forums; not in debian)
  CAN-2003-0493
-         - apache2 2.0.50
+         NOTE: not-for-us (snitz forums; not in debian)
  CAN-2003-0492
-         TODO: check
+         NOTE: not-for-us (snitz forums; not in debian)
  CAN-2003-0491
-         TODO: check
+         NOTE: not-for-us (xoop; not in debian)
  CAN-2003-0490
-         TODO: check
+         NOTE: not-for-us (Dantz Retrospect)
  CAN-2003-0489
          NOTE: covered by DSA-330
  CAN-2003-0488
-         - apache2 2.0.50
+         NOTE: not-for-us (Kerio Mail server)
  CAN-2003-0487
-         TODO: check
+         NOTE: not-for-us (Kerio Mail server)
  CAN-2003-0486
-         TODO: check
+         - phpbb2 2.0.6
  CAN-2003-0485
-         TODO: check
+         NOTE: not-for-us (Progress 4GL Compiler)
  CAN-2003-0484
-         TODO: check
+         - phpbb2 2.0.6d-3
  CAN-2003-0483
-         TODO: check
+         NOTE: not-for-us (XMB Forum)
  CAN-2003-0482
-         TODO: check
+         - tutos 1.1.20030715-1
  CAN-2003-0481
-         TODO: check
+         - tutos 1.1.20030715-1
  CAN-2003-0480
-         TODO: check
+         NOTE: not-for-us (VMware)
  CAN-2003-0479
-         TODO: check
+         NOTE: not-for-us (WebBBS; not in debian)
  CAN-2003-0478
-         TODO: check
+         NOTE: not-for-us (bahamut and other irc daemons; not in debian)
  CAN-2003-0477
-         TODO: check
+         - wzdftpd 0.2
  CAN-2003-0476
          NOTE: covered by DSA-358
          NOTE: fixed in 2.4.22-pre4
  CAN-2003-0475
-         TODO: check
+         NOTE: not-for-us (iWeb server)
  CAN-2003-0474
-         TODO: check
+         NOTE: not-for-us (iWeb server)
  CAN-2003-0473
-         TODO: check
+         NOTE: not-for-us (SGI IRIX)
  CAN-2003-0472
-         TODO: check
+         NOTE: not-for-us (SGI IRIX)
  CAN-2003-0471
-         TODO: check
+         NOTE: not-for-us (webadmin / win)
  CAN-2003-0470
-         TODO: check
+         NOTE: not-for-us (symantec activex)
  CAN-2003-0469
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0468
          NOTE: covered by DSA-363
  CAN-2003-0467
-         TODO: check
+         NOTE: fixed in linux 2.4.21
  CAN-2003-0466
-         TODO: check
+         NOTE: covered by DSA-357
- CAN-2003-0465
+ CAN-2003-0465 strncpy in kernel does not pad with zeroes
-         TODO: check
+         - kernel-source-2.4.27 (unfixed; bug #280492)
+         NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
+         NOTE: arch specific asm versions:
+         NOTE: x86 is not affected
+         NOTE: ppc32 fixed in 2.4.22-rc4
  CAN-2003-0464
-         TODO: check
+         NOTE: fixed in linux 2.4.22-pre8
  CAN-2003-0463
          NOTE: reserved
  CAN-2003-0462
-Line 3163 
 CAN-2003-0462
+Line 3334 
 CAN-2003-0462
  CAN-2003-0461
          NOTE: covered by DSA-358
  CAN-2003-0460
-         TODO: check
+         NOTE: not-for-us (apache for win and os/2)
  CAN-2003-0459
          NOTE: covered by DSA-361
  CAN-2003-0458
-         TODO: check
+         NOTE: not-for-us (HP)
  CAN-2003-0457
          NOTE: reserved
          - mysql-dfsg 4.0.21-4
  CAN-2003-0456
-         TODO: check
+         NOTE: not-for-us (visnetic website)
  CAN-2003-0455
          NOTE: covered by DSA-331
  CAN-2003-0454
-Line 3186 
 CAN-2003-0451
+Line 3357 
 CAN-2003-0451
  CAN-2003-0450
          NOTE: covered by DSA-321
  CAN-2003-0449
-         TODO: check
+         NOTE: not-for-us (progress database)
  CAN-2003-0448
-         TODO: check
+         NOTE: not-for-us (portmon; not in debian)
  CAN-2003-0447
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0446
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0445
          NOTE: covered by DSA-328
  CAN-2003-0444
-Line 3210 
 CAN-2003-0439
+Line 3381 
 CAN-2003-0439
  CAN-2003-0438
          NOTE: covered by DSA-325
  CAN-2003-0437
-         TODO: check
+         - mnogosearch-common 3.2.11
  CAN-2003-0436
-         TODO: check
+         - mnogosearch-common 3.2.11
  CAN-2003-0435
          NOTE: covered by DSA-322
  CAN-2003-0434
-         TODO: check
+         NOTE: various pdf viewers
+         NOTE: kpdf does not seem to support hyperlinks; so not vulnerable
+         NOTE: gpdf 2.8.0 does not seem to be vulnerable
+         - xpdf 2.02pl1-1
  CAN-2003-0433
          NOTE: covered by DSA-315
  CAN-2003-0432
-Line 3224 
 CAN-2003-0432
+Line 3398 
 CAN-2003-0432
  CAN-2003-0431
          NOTE: covered by DSA-324
  CAN-2003-0430
-         TODO: check
+         - ethereal 0.9.13
  CAN-2003-0429
          NOTE: covered by DSA-324
  CAN-2003-0428
-Line 3232 
 CAN-2003-0428
+Line 3406 
 CAN-2003-0428
  CAN-2003-0427
          NOTE: covered by DSA-320
  CAN-2003-0426
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0425
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0424
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0423
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0422
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0421
-         TODO: check
+         NOTE: not-for-us (Apple)
  CAN-2003-0420
          NOTE: reserved
  CAN-2003-0419
-         TODO: check
+         NOTE: not-for-us (SMC)
  CAN-2003-0418
-         TODO: check
+         NOTE: only linux 2.0.x
  CAN-2003-0417
-         TODO: check
+         NOTE: not-for-us (Son hServer)
  CAN-2003-0416
-         TODO: check
+         NOTE: not-for-us (bandmin; not in Debian)
  CAN-2003-0415
-         TODO: check
+         NOTE: not-for-us (Remote PC Access)
  CAN-2003-0414
-         TODO: check
+         NOTE: not-for-us (Sun ONE)
  CAN-2003-0413
-         TODO: check
+         NOTE: not-for-us (Sun ONE)
  CAN-2003-0412
-         TODO: check
+         NOTE: not-for-us (Sun ONE)
  CAN-2003-0411
-         TODO: check
+         NOTE: not-for-us (Sun ONE)
  CAN-2003-0410
-         TODO: check
+         NOTE: not-for-us (AnalogX proxy)
  CAN-2003-0409
-         TODO: check
+         NOTE: not-for-us (BRS WebWeaver)
  CAN-2003-0408
-         TODO: check
+         NOTE: not-for-us (Uptimes Project upclient; not in Debian)
  CAN-2003-0407
-         TODO: check
+         - gbatnav 1.0.4-4
  CAN-2003-0406
-         TODO: check
+         NOTE: not-for-us (PalmVNC)
  CAN-2003-0405
-         TODO: check
+         NOTE: not-for-us (Vignette)
  CAN-2003-0404
-         TODO: check
+         NOTE: not-for-us (Vignette)
  CAN-2003-0403
-         TODO: check
+         NOTE: not-for-us (Vignette)
  CAN-2003-0402
-         TODO: check
+         NOTE: not-for-us (Vignette)
  CAN-2003-0401
-         TODO: check
+         NOTE: not-for-us (Vignette)
  CAN-2003-0400
-         TODO: check
+         NOTE: not-for-us (Vignette / AIX)
- end claimed by stef-guest
  CAN-2003-0399
-         TODO: check
+         NOTE: not-for-us (Vignette StoryServer)
  CAN-2003-0398
-         TODO: check
+         NOTE: not-for-us (Vignette StoryServer)
  CAN-2003-0397
-         TODO: check
+         NOTE: not-for-us (FastTrack network code (Kazaa))
  CAN-2003-0396
-         TODO: check
+         - linux-arm 2.4.1
  CAN-2003-0395
-         TODO: check
+         NOTE: not-for-us (Ultimate PHP Board)
  CAN-2003-0394
-         TODO: check
+         NOTE: not-for-us (BLNews)
  CAN-2003-0393
-         TODO: check
+         NOTE: not-for-us (Privacyware Privatefirewall)
  CAN-2003-0392
-         TODO: check
+         NOTE: not-for-us (ST FTP Service (DOS))
  CAN-2003-0391
-         TODO: check
+         NOTE: not-for-us (Magic WinMail Server)
  CAN-2003-0390
-         TODO: check
+         - opt 3.19
  CAN-2003-0389
-         TODO: check
+         NOTE: not-for-us (RSA ACE/Agent)
  CAN-2003-0388
-         TODO: check
+         NOTE: pam is not vulnerable in default confuguration
+         NOTE: pam is not vulnerable at all in sarge, according to maintainer
  CAN-2003-0387
          NOTE: reserved
  CAN-2003-0386
-         TODO: check
+         NOTE: fixed in current openssh, which always does reverse mapping now
  CAN-2003-0385
          NOTE: covered by DSA-310
+         - xaos 3.1r-4
  CAN-2003-0384
          NOTE: reserved
  CAN-2003-0382
-Line 3327 
 CAN-2003-0381
+Line 3500 
 CAN-2003-0381
  CAN-2003-0380
          NOTE: covered by DSA-314
  CAN-2003-0379
-         TODO: check
+         NOTE: not-for-us (MaxOS)
  CAN-2003-0378
-         TODO: check
+         NOTE: not-for-us (MaxOS)
  CAN-2003-0377
-         TODO: check
+         NOTE: not-for-us (iisPROTECT)
  CAN-2003-0376
-         TODO: check
+         NOTE: not-for-us (Eudora)
  CAN-2003-0375
-         TODO: check
+         NOTE: not-for-us (XMBforum aka Partagium))
  CAN-2003-0374
-         TODO: check
+         - nessus 2.0.6
  CAN-2003-0373
-         TODO: check
+         - nessus 2.0.6
  CAN-2003-0372
-         TODO: check
+         - nessus 2.0.6
  CAN-2003-0371
-         TODO: check
+         NOTE: not-for-us (Prishtina FTP client)
  CAN-2003-0370
          NOTE: covered by DSA-361
  CAN-2003-0369
          NOTE: reserved
  CAN-2003-0368
-         TODO: check
+         NOTE: not-for-us (Nokia Gateway GPRS)
  CAN-2003-0367
-         TODO: check
+         NOTE: covered by DSA-308
  CAN-2003-0366
          NOTE: covered by DSA-318
  CAN-2003-0365
-         TODO: check
+         NOTE: not-for-us (ICQLite)
  CAN-2003-0364
          NOTE: covered by DSA-336
  CAN-2003-0363
-Line 3375 
 CAN-2003-0357
+Line 3548 
 CAN-2003-0357
  CAN-2003-0356
          NOTE: covered by DSA-313
  CAN-2003-0355
-         TODO: check
+         NOTE: not-for-us (Safari)
  CAN-2003-0354
-         TODO: check
+         - gs-gpl 7.07
  CAN-2003-0353
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0352
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0351
          NOTE: rejected
  CAN-2003-0350
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0349
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0348
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0347
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0346
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0345
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0344
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0343
-         TODO: check
+         NOTE: not-for-us (BlackMoon FTP Server)
  CAN-2003-0342
-         TODO: check
+         NOTE: not-for-us (BlackMoon FTP Server)
  CAN-2003-0341
-         TODO: check
+         NOTE: not-for-us (Owl Intranet Engine)
  CAN-2003-0340
-         TODO: check
+         NOTE: not-for-us (Puresecure)
  CAN-2003-0339
-         TODO: check
+         NOTE: not-for-us (WsMp3)
  CAN-2003-0338
-         TODO: check
+         NOTE: not-for-us (WsMp3)
  CAN-2003-0337
-         TODO: check
+         NOTE: not-for-us (lsadmin)
  CAN-2003-0336
-         TODO: check
+         NOTE: not-for-us (Eudora)
  CAN-2003-0335
-         TODO: check
+         NOTE: not-for-us (Slaskware specific)
  CAN-2003-0334
-         TODO: check
+         - ircii-pana 1:1.0-0c19.20030512-1
  CAN-2003-0333
-         TODO: check
+         NOTE: not-for-us (C-Kermit on HP-UX)
  CAN-2003-0332
-         TODO: check
+         NOTE: not-for-us (BadBlue)
  CAN-2003-0331
-         TODO: check
+         NOTE: not-for-us (ttForum)
  CAN-2003-0330
-         TODO: check
+         NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
  CAN-2003-0329
-         TODO: check
+         NOTE: not-for-us (CesarFTP)
  CAN-2003-0328
          NOTE: covered by DSA-306
  CAN-2003-0327
-         TODO: check
+         NOTE: not-for-us (Sybase Adaptive Server Enterprise)
  CAN-2003-0326
-         TODO: check
+         NOTE: bug does exist in slocate.
+         NOTE: only impacts security if kernel has been recompiled to allow
+         NOTE: an absurd 536870912 bytes of command line arguments. This is
+         NOTE: very unlikely, and if you do exploit it, you get only slocate
+         NOTE: gid.
  CAN-2003-0325
-         TODO: check
+         NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
  CAN-2003-0324
          NOTE: covered by DSA-287
  CAN-2003-0323
-Line 3445 
 CAN-2003-0322
+Line 3622 
 CAN-2003-0322
  CAN-2003-0320
          NOTE: covered by DSA-306
  CAN-2003-0320
-         TODO: check
+         NOTE: not-for-us (ttCMS)
  CAN-2003-0319
-         TODO: check
+         NOTE: not-for-us (SmartMax MailMax)
  CAN-2003-0318
-         TODO: check
+         NOTE: not-for-us (PHP-Nuke)
  CAN-2003-0317
-         TODO: check
+         NOTE: not-for-us (iisPROTECT)
  CAN-2003-0316
-         TODO: check
+         NOTE: not-for-us (Venturi Client)
  CAN-2003-0315
-         TODO: check
+         NOTE: not-for-us (Snowblind Web Server)
  CAN-2003-0314
-         TODO: check
+         NOTE: not-for-us (Snowblind Web Server)
  CAN-2003-0313
-         TODO: check
+         NOTE: not-for-us (Snowblind Web Server)
  CAN-2003-0312
-         TODO: check
+         NOTE: not-for-us (Snowblind Web Server)
  CAN-2003-0311
          NOTE: reserved
  CAN-2003-0310
-         TODO: check
+         NOTE: author apparently fixed hole by time vuln was reported,
+         NOTE: and I guess that fix made it into new upstream versions,
+         NOTE: but I did not check in detail
  CAN-2003-0309
-         TODO: check
+         NOTE: not-for-us (MSIE)
  CAN-2003-0308
          NOTE: covered by DSA-305
  CAN-2003-0307
-         TODO: check
+         NOTE: not-for-us (Poster version.two)
  CAN-2003-0306
-         TODO: check
+         NOTE: not-for-us (Windows)
  CAN-2003-0305
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0304
-         TODO: check
+         NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
  CAN-2003-0303
-         TODO: check
+         NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
  CAN-2003-0302
-         TODO: check
+         NOTE: not-for-us (Eudora)
  CAN-2003-0301
-         TODO: check
+         NOTE: not-for-us (Microsort)
  CAN-2003-0300
-         TODO: check
+         NOTE: sylpheed and sylpheed-claws might still be vulnerable
+         NOTE: but it's only a crasher
  CAN-2003-0299
-         TODO: check
+         NOTE: mutt and balse might still be vulnerable
+         NOTE: but it's only a crasher
  CAN-2003-0298
-         TODO: check
+         - mozilla 1.4b
  CAN-2003-0297
-         TODO: check
+         - uw-imap 7:2002c
+         NOTE: did not check pine
  CAN-2003-0296
-         TODO: check
+         - evolution 1.3.2
  CAN-2003-0295
-         TODO: check
+         NOTE: not-for-us (vBulletin)
  CAN-2003-0294
-         TODO: check
+         NOTE: not-for-us (php-proxima)
  CAN-2003-0293
-         TODO: check
+         NOTE: not-for-us (PalmOS)
  CAN-2003-0292
-         TODO: check
+         NOTE: not-for-us (Inktomi)
  CAN-2003-0291
-         TODO: check
+         NOTE: not-for-us (3com OfficeConnect Remote 812 ADSL Router)
  CAN-2003-0290
-         TODO: check
+         NOTE: not-for-us (eServ)
  CAN-2003-0289
-         TODO: check
+         - cdrtools 4:2.0+a14-1
  CAN-2003-0288
-         TODO: check
+         NOTE: not-for-us (IP Messenger for Win)
  CAN-2003-0287
-         TODO: check
+         NOTE: not-for-us (Movable Type)
  CAN-2003-0286
-         TODO: check
+         NOTE: not-for-us (Snitz Forums)
  CAN-2003-0285
-         TODO: check
+         NOTE: not-for-us (bad sendmail config on AIX)
  CAN-2003-0284
-         TODO: check
+         NOTE: not-for-us (Adobe Acrobat)
  CAN-2003-0283
-         TODO: check
+         NOTE: not-for-us (Phorum)
  CAN-2003-0282
-         TODO: check
+         NOTE: covered by DSA-344
  CAN-2003-0281
-         TODO: check
+         - firebird2 1.5.1-1
+         NOTE: firebird (1) in debian is very insecure and vulnerable, but
+         NOTE: the server is not included, just the libraries. See bug #251458
  CAN-2003-0280
-         TODO: check
+         NOTE: not-for-us (SMTP Service for ESMTP CMailServer )
  CAN-2003-0279
-         TODO: check
+         NOTE: not-for-us (PHP-Nuke)
  CAN-2003-0278
-         TODO: check
+         NOTE: not-for-us (HappyMail)
  CAN-2003-0277
-         TODO: check
+         NOTE: not-for-us (HappyMail)
  CAN-2003-0276
-         TODO: check
+         NOTE: not-for-us (Pi3Web)
  CAN-2003-0275
-         TODO: check
+         NOTE: not-for-us (YaBB SE)
  CAN-2003-0274
-         TODO: check
+         NOTE: not-for-us (ListProc)
  CAN-2003-0273
-         TODO: check
+         NOTE: old version of Request Tracker not in debian.
  CAN-2003-0272
-         TODO: check
+         NOTE: not-for-us (miniPortail)
  CAN-2003-0271
-         TODO: check
+         NOTE: not-for-us (Personal FTP Server)
  CAN-2003-0270
-         TODO: check
+         NOTE: not-for-us (Apple Airport)
  CAN-2003-0269
-         TODO: check
+         NOTE: not-for-us (youbin)
  CAN-2003-0268
-         TODO: check
+         NOTE: not-for-us (SLWebMail on Windows)
  CAN-2003-0267
-         TODO: check
+         NOTE: not-for-us (SLWebMail on Windows)
  CAN-2003-0266
-         TODO: check
+         NOTE: not-for-us (SLWebMail on Windows)
  CAN-2003-0265
-         TODO: check
+         NOTE: not-for-us (SDBINST for SAP database)
  CAN-2003-0264
-         TODO: check
+         NOTE: not-for-us (SLMail)
  CAN-2003-0263
-         TODO: check
+         NOTE: not-for-us (FTGatePro)
  CAN-2003-0262
          NOTE: covered by DSA-299
  CAN-2003-0261
          NOTE: covered by DSA-302
  CAN-2003-0260
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0259
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0258
-         TODO: check
+         NOTE: not-for-us (Cisco)
  CAN-2003-0257
-         TODO: check
+         NOTE: not-for-us (AIX)
  CAN-2003-0256
-         TODO: check
+         - kopete 3.2.0
  CAN-2003-0255
-         TODO: check
+         - gnupg 1.2.2
  CAN-2003-0254
          - apache2 2.0.47
  CAN-2003-0253
-Line 3583 
 CAN-2003-0253
+Line 3767 
 CAN-2003-0253
  CAN-2003-0252
          NOTE: covered by DSA-349
  CAN-2003-0251
-         TODO: check
+         NOTE: actually, we need ypserv 2.7, nis 3.11 has ypserv 2.13
+         - nis 3.11
  CAN-2003-0250
          NOTE: reserved
  CAN-2003-0249
-Line 3599 
 CAN-2003-0245
+Line 3784 
 CAN-2003-0245
  CAN-2003-0244
          NOTE: covered by DSA-336
  CAN-2003-0243
-         TODO: check
+         NOTE: not-for-us (Happycgi.com Happymall)
  CAN-2003-0242
-         TODO: check
+         NOTE: not-for-us (MacOS)
  CAN-2003-0241
-         TODO: check
+         NOTE: not-for-us (FrontRange GoldMine / win)
  CAN-2003-0240
-         TODO: check
+         NOTE: not-for-us (Axis Network Camera)
  CAN-2003-0239
-         TODO: check
+         NOTE: not-for-us (Mirabilis ICQ / windows)
  CAN-2003-0238
-         TODO: check
+         NOTE: not-for-us (Mirabilis ICQ / windows)
  CAN-2003-0237
-         TODO: check
+         NOTE: not-for-us (Mirabilis ICQ / windows)
  CAN-2003-0236
-         TODO: check
+         NOTE: not-for-us (Mirabilis ICQ / windows)
  CAN-2003-0235
-         TODO: check
+         NOTE: not-for-us (Mirabilis ICQ / windows)
  CAN-2003-0234
          NOTE: reserved
  CAN-2003-0233
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0232
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0231
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0230
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0229
          NOTE: reserved
  CAN-2003-0228
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0227
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0226
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0225
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0224
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0223
-         TODO: check
+         NOTE: not-for-us (microsoft)
  CAN-2003-0222
-         TODO: check
+         NOTE: not-for-us (oracle)
  CAN-2003-0221
-         TODO: check
+         NOTE: not-for-us (HP tru64)
  CAN-2003-0220
-         TODO: check
+         NOTE: not-for-us (Kerio Personal Firewall)
  CAN-2003-0219
-         TODO: check
+         NOTE: not-for-us (Kerio Personal Firewall)
  CAN-2003-0218
-         TODO: check
+         NOTE: not-for-us (Monkey http daemon; not in debian)
  CAN-2003-0217
-         TODO: check
+         NOTE: not-for-us (Neoteris Instant Virtual Extranet)
  CAN-2003-0216
-         TODO: check
+         NOTE: not-for-us (cisco)
  CAN-2003-0215
-         TODO: check
+         NOTE: not-for-us (bttlxeForum / win)
  CAN-2003-0214
          NOTE: covered by DSA-292
  CAN-2003-0213
-Line 3663 
 CAN-2003-0213
+Line 3848 
 CAN-2003-0213
  CAN-2003-0212
          NOTE: covered by DSA-289
  CAN-2003-0211
-         TODO: check
+         - xinetd 2.3.11
  CAN-2003-0210
-         TODO: check
+         NOTE: not-for-us (cisco)
  CAN-2003-0209
          NOTE: covered by DSA-297
  CAN-2003-0208
-         TODO: check
+         NOTE: not-for-us (macromedia flash)
  CAN-2003-0207
          NOTE: covered by DSA-286
  CAN-2003-0206
-Line 3689 
 CAN-2003-0200
+Line 3874 
 CAN-2003-0200
  CAN-2003-0199
          NOTE: reserved
  CAN-2003-0198
-         TODO: check
+         NOTE: not-for-us (MacOS)
  CAN-2003-0197
-         TODO: check
+         NOTE: not-for-us (Interbase Database)
  CAN-2003-0196
          NOTE: covered by DSA-280
  CAN-2003-0195
          NOTE: covered by DSA-317
  CAN-2003-0194
-         TODO: check
+         NOTE: apparently a redhat specific compilation prolem of tcpdump
  CAN-2003-0193
          NOTE: covered by DSA-576-1
          - catdoc 0.91.5-2
  CAN-2003-0192
          - apache2 2.0.47
  CAN-2003-0190
-         TODO: check
+         - ssh (unfixed; bug filed)
  CAN-2003-0189
          - apache2 2.0.46
  CAN-2003-0188
          NOTE: covered by DSA-304
  CAN-2003-0187
-         TODO: check
+         NOTE: only affects kernel 2.4.19, 2.4.20.
  CAN-2003-0186
          NOTE: reserved
  CAN-2003-0185
-Line 3722 
 CAN-2003-0183
+Line 3907 
 CAN-2003-0183
  CAN-2003-0182
          NOTE: reserved
  CAN-2003-0181
-         TODO: check
+         NOTE: not-for-us (Lotus Domino Web Server)
  CAN-2003-0180
-         TODO: check
+         NOTE: not-for-us (Lotus Domino Web Server)
  CAN-2003-0179
-         TODO: check
+         NOTE: not-for-us (Lotus Domino Web Server)
  CAN-2003-0178
-         TODO: check
+         NOTE: not-for-us (Lotus Domino Web Server)
  CAN-2003-0177
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0176
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0175
-         TODO: check
+         NOTE: not-for-us (IRIX)
  CAN-2003-0174
-         - apache2 2.0.49
+         NOTE: not-for-us (IRIX)
  CAN-2003-0173
          NOTE: covered by DSA-283
  CAN-2003-0172
-         TODO: check
+         NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
  CAN-2003-0171
-         TODO: check
+         NOTE: not-for-us (MacOS)
  CAN-2003-0170
-         TODO: check
+         NOTE: not-for-us (AIX)
  CAN-2003-0169
-         TODO: check
+         NOTE: not-for-us (HP Instant TopTools)
  CAN-2003-0168
-         TODO: check
+         NOTE: not-for-us (Apple QuickTime Player)
  CAN-2003-0167
          NOTE: covered by DSA-274
  CAN-2003-0166
-         TODO: check
+         NOTE: not belived to be vulnerable (http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
  CAN-2003-0165
-         TODO: check
+         - eog 2.2.1
  CAN-2003-0164
          NOTE: reserved
  CAN-2003-0163
-         TODO: check
+         NOTE: Gaim-Encryption Plugin not in debian
  CAN-2003-0162
          NOTE: covered by DSA-271
  CAN-2003-0161
          NOTE: covered by DSA-278
  CAN-2003-0160
-         TODO: check
+         - squirrelmail 1:1.2.11
  CAN-2003-0159
-         TODO: check
+         - ethereal 0.9.10
  CAN-2003-0158
          NOTE: rejected
  CAN-2003-0157
-Line 3782 
 CAN-2003-0153
+Line 3967 
 CAN-2003-0153
  CAN-2003-0152
          NOTE: covered by DSA-265
  CAN-2003-0151
-         TODO: check
+         NOTE: not-for-us (BEA WebLogic Server)
  CAN-2003-0150
          NOTE: covered by DSA-303
  CAN-2003-0149
-         TODO: check
+         NOTE: not-for-us (McAfee ePolicy Orchestrator)
  CAN-2003-0148
-         TODO: check
+         NOTE: not-for-us (McAfee ePolicy Orchestrator)
  CAN-2003-0147
          NOTE: covered by DSA-288
  CAN-2003-0146
-Line 3800 
 CAN-2003-0144
+Line 3985 
 CAN-2003-0144
  CAN-2003-0143
          NOTE: covered by DSA-259
  CAN-2003-0142
-         TODO: check
+         NOTE: not-for-us (acroread)
  CAN-2003-0141
-         TODO: check
+         NOTE: not-for-us (Real)
  CAN-2003-0140
          NOTE: covered by DSA-268
  CAN-2003-0139
-Line 3810 
 CAN-2003-0139
+Line 3995 
 CAN-2003-0139
  CAN-2003-0138
          NOTE: covered by DSA-266
  CAN-2003-0137
-         TODO: check
+         NOTE: not-for-us (Nokia Serving GPRS support node)
  CAN-2003-0136
          NOTE: covered by DSA-285
  CAN-2003-0135
-         TODO: check
+         NOTE: red-hat specific compilation problem of vsftpd
  CAN-2003-0134
          - apache2 2.0.46
  CAN-2003-0133
-         TODO: check
+         - evolution 1.2.4
  CAN-2003-0132
          - apache2 2.0.45
  CAN-2003-0131
          NOTE: covered by DSA-288
  CAN-2003-0130
-         TODO: check
+         - evolution 1.2.3
  CAN-2003-0129
-         TODO: check
+         - evolution 1.2.3
  CAN-2003-0128
-         TODO: check
+         - evolution 1.2.3
  CAN-2003-0127
          NOTE: covered by DSA-270
  CAN-2003-0126
-         TODO: check
+         NOTE: not-for-us (SOHO Routefinder 550 firmware)
  CAN-2003-0121
-         TODO: check
+         NOTE: not-for-us (Clearswift MAILsweeper)
  CAN-2003-0120
          NOTE: covered by DSA-256
  CAN-2003-0119
-         TODO: check
+         NOTE: not-for-us (AIX)
  CAN-2003-0118
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0117
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0116
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0115
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0114
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0113
-         - apache2 2.0.49
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0112
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0111
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0110
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0109
-         TODO: check
+         NOTE: not-for-us (Microsoft)
  CAN-2003-0108
          NOTE: covered by DSA-255
+         - tcpdump 3.7.1-1.2
  CAN-2003-0106
-         TODO: check
+         NOTE: not-for-us (Symantec Enterprise Firewall)
  CAN-2003-0105
-         TODO: check
+         NOTE: not-for-us (ServerMask)
  CAN-2003-0102
          NOTE: covered by DSA-260
  CAN-2003-0101
-Line 3874 
 CAN-2003-0099
+Line 4060 
 CAN-2003-0099
  CAN-2003-0098
          NOTE: covered by DSA-277
  CAN-2003-0096
-         TODO: check
+         NOTE: not-for-us (Oracle)
  CAN-2003-0093
          NOTE: covered by DSA-261
  CAN-2003-0092
-         TODO: check
+         NOTE: not-for-us (Solaris)
  CAN-2003-0091
-         TODO: check
+         NOTE: not-for-us (Solaris)
  CAN-2003-0090
          NOTE: rejected
  CAN-2003-0089
-         TODO: check
+         NOTE: not-for-us (HP-UX)
  CAN-2003-0086
          NOTE: covered by DSA-262
  CAN-2003-0085
          NOTE: covered by DSA-262
  CAN-2003-0084
-         TODO: check
+         NOTE: mod_auth_any not in Debian
  CAN-2003-0083
          - apache2 2.0.46
+         - apache 1.3.25
  CAN-2003-0082
          NOTE: covered by DSA-266
  CAN-2003-0081
          NOTE: covered by DSA-258
  CAN-2003-0080
-         TODO: check
+         - gnome-lokkit 0.50.22-4
  CAN-2003-0078
          NOTE: covered by DSA-253
  CAN-2003-0076
-         TODO: check
+         - dcgui 0.2.2
  CAN-2003-0074
-         TODO: check
+         - plptools 0.12-0
  CAN-2003-0073
          NOTE: covered by DSA-303
  CAN-2003-0072
-Line 3999 
 CAN-2003-0005
+Line 4186 
 CAN-2003-0005
          NOTE: reserved
  CAN-2003-0001
          NOTE: covered by DSA-336
+ begin claimed by pdwerryh-guest
  CAN-2002-1583
+         NOTE: not-for-us (IBM DB2)
  CAN-2002-1582
+         NOTE: mailreader. not clear if this was fixed.
+         TODO: check
  CAN-2002-1581
          NOTE: covered by DSA-534
+         - mailreader 2.3.29-9
  CAN-2002-1580
          NOTE: covered by DSA-215
+         - cyrus-imapd 1.5.19-9.10
  CAN-2002-1579
+         NOTE: not for us (SAP)
  CAN-2002-1578
+         NOTE: not for us (SAP)
  CAN-2002-1577
+         NOTE: not for us (SAP)
  CAN-2002-1576
+         NOTE: not for us (SAP)
  CAN-2002-1575
          NOTE: covered by DSA-437
+         - cgiemail 1.6-20
  CAN-2002-1573
          NOTE: reserved
  CAN-2002-1572
-Line 4018 
 CAN-2002-1572
+Line 4218 
 CAN-2002-1572
  CAN-2002-1571
          NOTE: reserved
  CAN-2002-1570
+         - ucd-snmp 4.2.3-2
  CAN-2002-1569
+         - gv 1:3.5.8-27
  CAN-2002-1568
+         - openssl 0.9.6g-1
  CAN-2002-1567
+         NOTE: tomcat4 cross-site vuln
+         TODO: check
  CAN-2002-1566
+         - netris 0.52-1
  CAN-2002-1565
+         NOTE: covered by DSA-209
+         - wget 1.8.1-6.1
  CAN-2002-1564
+         NOTE: not-for-us (microsoft)
  CAN-2002-1563
+         - stunnel4 4.04-1
+         - stunnel 2:3.24-1
  CAN-2002-1562
          NOTE: covered by DSA-396
+         - thttpd 2.23beta1-2.3
  CAN-2002-1561
+         NOTE: not-for-us (microsoft)
  CAN-2002-1559
+         NOTE: not-for-us (ion-p)
  CAN-2002-1558
+         NOTE: not-for-us (cisco)
  CAN-2002-1557
+         NOTE: not-for-us (cisco)
  CAN-2002-1556
+         NOTE: not-for-us (cisco)
  CAN-2002-1555
+         NOTE: not-for-us (cisco)
  CAN-2002-1554
+         NOTE: not-for-us (cisco)
  CAN-2002-1553
+         NOTE: not-for-us (cisco)
  CAN-2002-1551
+         NOTE: not-for-us (AIX)
  CAN-2002-1546
+         NOTE: not-for-us (Webweaver)
  CAN-2002-1545
+         NOTE: not-for-us (Coolsoft)
  CAN-2002-1544
+         NOTE: not-for-us (Coolsoft)
  CAN-2002-1542
+         NOTE: not-for-us (SolarWinds)
  CAN-2002-1539
+         NOTE: not-for-us (MDaemon)
  CAN-2002-1536
+         NOTE: not-for-us (Molly)
  CAN-2002-1535
+         NOTE: not-for-us (Symantec)
  CAN-2002-1533
+         NOTE: problem in jetty 4.1.0, Debian started with 4.2
  CAN-2002-1527
+         NOTE: not-for-us (EMU Webmail)
  CAN-2002-1526
+         NOTE: not-for-us (EMU Webmail)
  CAN-2002-1525
+         NOTE: not-for-us (Sun)
  CAN-2002-1523
+         NOTE: not-for-us (Miniserver)
  CAN-2002-1522
+         NOTE: not-for-us (PowerFTP)
  CAN-2002-1515
+         NOTE: not-for-us (Coolforum)
  CAN-2002-1512
+         NOTE: not-for-us (BRU)
  CAN-2002-1508
          NOTE: covered by DSA-227
+         - openldap2 2.0.27-3
  CAN-2002-1507
+         NOTE: not-for-us (Unreal)
  CAN-2002-1506
+         NOTE: linuxconf not in unstable or testing
  CAN-2002-1504
+         NOTE: not-for-us (webserver-4everyone)
  CAN-2002-1503
+         NOTE: AFD not in debian
  CAN-2002-1500
+         NOTE: not-for-us (NetBSD)
  CAN-2002-1499
+         NOTE: not-for-us (FactoSystem)
  CAN-2002-1498
+         NOTE: not-for-us (SWServer)
  CAN-2002-1495
+         NOTE: not-for-us (Jawmail)
  CAN-2002-1492
+         NOTE: not-for-us (Cisco)
  CAN-2002-1489
+         NOTE: not-for-us (PlanetDNS)
  CAN-2002-1488
+         NOTE: not-for-us (Trillian)
  CAN-2002-1487
+         NOTE: not-for-us (Trillian)
  CAN-2002-1486
+         NOTE: not-for-us (Trillian)
  CAN-2002-1485
+         NOTE: not-for-us (Trillian)
  CAN-2002-1484
+         NOTE: not-for-us (db4web)
  CAN-2002-1483
+         NOTE: not-for-us (db4web)
  CAN-2002-1482
+         NOTE: phpGB not in Debian
  CAN-2002-1481
+         NOTE: phpGB not in Debian
  CAN-2002-1480
+         NOTE: phpGB not in Debian
  CAN-2002-1478
          NOTE: covered by DSA-164
  CAN-2002-1477
-Line 4285 
 CAN-2002-1301
+Line 4541 
 CAN-2002-1301
          NOTE: reserved
  CAN-2002-1300
          NOTE: reserved
+ end claimed by pdwerryh-guest
  CAN-2002-1299
          NOTE: reserved
  CAN-2002-1298
-Line 4661 
 CAN-2002-0852
+Line 4920 
 CAN-2002-0852
  CAN-2002-0849
  CAN-2002-0843
          NOTE: covered by DSA-187
+         - apache 1.3.27-0.1
  CAN-2002-0841
          NOTE: rejected
  CAN-2002-0840
          NOTE: covered by DSA-187
          - apache2 2.0.43-1
+         - apache 1.3.27-0.1
  CAN-2002-0839
          NOTE: covered by DSA-187
+         - apache 1.3.27-0.1
  CAN-2002-0838
          NOTE: covered by DSA-176
  CAN-2002-0837
-Line 4784 
 CAN-2002-0656
+Line 5046 
 CAN-2002-0656
          NOTE: covered by DSA-136
  CAN-2002-0655
          NOTE: covered by DSA-136
+ NOTE: this is approximatly the release of woody, so we can stop here
  CAN-2002-0654
          - apache2 2.0.40
  CAN-2002-0652
-Line 5202 
 CAN-2002-0010
+Line 5467 
 CAN-2002-0010
  CAN-2002-0008
  CAN-2002-0001
  CAN-2001-1413
+         NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
  CAN-2001-1412
  CAN-2001-1411
  CAN-2001-1410

 Legend:



Removed from v.75
 


changed lines


 
Added in v.127
 Legend:



Removed from v.75
 


changed lines


 
Added in v.127
-Removed from v.75
+Added in v.127

	ViewVC Help
Powered by ViewVC 1.1.5