Re: [Debian-audit] Report: August-December 2005

From: Max Vozeler <max_at_nusquama.org>
Date: Mon, 16 Jan 2006 15:02:55 +0100

On Mon, Jan 16, 2006 at 01:59:49PM +0100, Max Vozeler wrote:
> On Mon, Jan 16, 2006 at 12:59:09PM +0100, Javier Fernández-Sanguino Peña wrote:
> > If anyone has some spare time, please pick up the wml files from
> > http://cvs.debian.org/webwml/english/security/audit/?root=webwml add
> > the advisories / bugs there and provide me with a patch so I can
> > upload it to the website.

> I will try to find some time to send you a patch for the BTS-list.

.. attached.

I hope this is all of them. There are some duplicates when compared
with the DSA-list that I wasn't sure what to do about. I've left
them in for now (maildrop, pstotext; probably rssh and scponly will
see DSAs eventually.)

There are also some vulns that have only CAN/CVE references, but
neither DSA nor BTS references. Would it make sense to include
those in one way or another? There would probably be lots of
duplication with other lists unless it contained only bugs that are
identified by CAN/CVE only.

cheers,
Max

Index: bugs.wml
===================================================================
RCS file: /cvs/webwml/webwml/english/security/audit/bugs.wml,v
retrieving revision 1.13
diff -u -r1.13 bugs.wml
--- bugs.wml 14 Jun 2005 19:31:28 -0000 1.13
+++ bugs.wml 16 Jan 2006 13:52:46 -0000
@@ -20,6 +20,12 @@
 # Format for all the lines:
 #<li><btsurl bug="XXXXX">: Brief description
 
+<li><btsurl bug="344424">: chroot() design flaw in rssh suid helper.
+<li><btsurl bug="344418">: chroot() design flaw in scponlyc.
+<li><btsurl bug="329365">: umask problem in mailleds - user may kill any process.
+<li><btsurl bug="325135">: maildrop leaks egid mail to external program.
+<li><btsurl bug="319758">: pstotext: arbitrary postscript execution.
+<li><btsurl bug="319757">: netpbm: arbitrary postscript execution.
 <li><btsurl bug="305255">: directory traversal bug in gzip when using <em>gunzip -N</em>.
 <li><btsurl bug="304525">: XSS bugs in ilohamail.
 <li><btsurl bug="302454">: symlink following of trackballs.
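Review bot: The 325135 (maildrop) and 319758 (pstotext) entries added here are the ones the cover message names as duplicates of the DSA list, so that question should be settled before this is committed: either drop the two lines or keep them on purpose, rather than leaving the same issue in both lists by default. As a smaller style point on the 319758 and 319757 lines, "postscript" should be written "PostScript".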
@@ -91,12 +97,15 @@
 <li><btsurl bug="278879">: arc: buffer overflows cause crashes from command line or
 env-vars.
 <li><btsurl bug="278878">: rockdodger: obscure buffer overflows.
+<li><btsurl bug="269618">: sympa postinst may leave wwsympa.fcgi suid root.
 <li><btsurl bug="268236">: flawfinder: program crashes when it can't read files to
-audit.
+<li><btsurl bug="267101">: multiple buffer overflows in termpkg.
+<li><btsurl bug="267098">: buffer overflow and format string bug in sredird.
 <li><btsurl bug="265904">: fscanf buffer overflow in shar.
 <li><btsurl bug="257112">: insecure world writable directories in transcriber.
 <li><btsurl bug="256381">: insecure temporary file usage in arpwatch.
 <li><btsurl bug="256377">: insecure temporary file usage in shorewall.
+<li><btsurl bug="255033">: design flaw in securecgi.
 <li><btsurl bug="249616">: insecure temporary file usage in Magicfilter.
 <li><btsurl bug="249613">: insecure temporary file usage in Mozilla.
 <li><btsurl bug="225231">: format string overflow in ud.
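Review bot: The removed line "-audit." is the continuation of the flawfinder entry (268236), so with this hunk applied that description ends at "program crashes when it can't read files to" and runs straight into the new 267101 item. This looks like an accidental deletion; keep "audit." as an unchanged context line and add the 267101 and 267098 entries after it.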
Received on Mon Jan 16 2006 - 14:03:51 GMT

