checking testing against this year's DSAs

To: debian-release@lists.debian.org, security@debian.org
Subject: checking testing against this year's DSAs
From: Joey Hess <joeyh@debian.org>
Date: Mon, 9 Aug 2004 22:40:03 -0300
Message-id: <[🔎] 20040810014003.GA5377@kitenet.net>
Mail-followup-to: debian-release@lists.debian.org, security@debian.org
Executive summary: Security holes not fixed yet in sarge include those in
libpng, libpng3, php4, netkit-telnet-ssl, pavuk, www-sql, lha, log2mail,
hsftp, trr19, slocate. Grep for "!" for details.

I've looked through every DSA issued in 2004, and checked to see if the
security hole was fixed in sarge. Of course this will miss:
	- security holes that were not in woody (would need to scan all
	  CVE's to find)
	- security bugs that did not get a CVE (but mdz says he's been
	  getting CVE's assigned for all security tagged bugs)
	- security holes for which the security team has not yet issued a
	  DSA (mozilla problms come to mind)
	- security holes fixed silently upstream (doh)

For each DSA, I checked the DSA or package changelog in unstable to see
what version fixed the security hole(s). In some cases I had to look at
upstream changelogs and CERT data. In no case have I actually tested the
software.

The other 1.5 years worth of DSA's back to the release of woody would
probably take several more days to check. This is very parallellizable if
someone would like to help, and I'll probably burn out before I check them
all, so please do.

This report is intended to be machine processable.
Packages that need to be updated in sarge are indicated with "!".
Packages that are already fixed in sarge are indicated with "-".
CVS's related to the DSA are listed in brackets.
NOTE and HELP are used for comments.

[04 Aug 2004] DSA-536 libpng - several vulnerabilities
	{CAN-2004-0597 CAN-2004-0598 CAN-2004-0599 CAN-2004-0768}
	! libpng 1.0.15-6
	! libpng3 1.2.5.0-7
[02 Aug 2004] DSA-535 squirrelmail - several vulnerabilities
	{CAN-2004-0519 CAN-2004-0520 CAN-2004-0521 CAN-2004-0639}
	- squirrelmail 2:1.4.3a-0.1
[22 Jul 2004] DSA-534 mailreader - directory traversal
	{CAN-2002-1581}
	- mailreader 2.3.29-9
[22 Jul 2004] DSA-533 courier - cross-site scripting
	{CAN-2004-0591}
	- courier 0.45.4-4
[22 Jul 2004] DSA-532 libapache-mod-ssl - several vulnerabilities
	{CAN-2004-0488 CAN-2004-0700}
	- libapache-mod-ssl 2.8.19-1
[20 Jul 2004] DSA-531 php4 - several vulnerabilities
	{CAN-2004-0594 CAN-2004-0595}
	! php4 4:4.3.8-1
[17 Jul 2004] DSA-530 l2tpd - buffer overflow
	{CAN-2004-0649}
	- l2tpd 0.70-pre20031121-2
[17 Jul 2004] DSA-529 netkit-telnet-ssl - format string
	{CAN-2004-0640}
	! netkit-telnet-ssl 0.17.24+0.1-2
[17 Jul 2004] DSA-528 ethereal - denial of service
	{CAN-2004-0635}
	- ethereal 0.10.5-1
[03 Jul 2004] DSA-527 pavuk - buffer overflow
	{CAN-2004-0456}
	NOTE: DSA is incorrect; pavuk is in sarge and unstable.
	! pavuk (unfixed; bug #264684)
[03 Jul 2004] DSA-526 webmin - several vulnerabilities
	{CAN-2004-0582 CAN-2004-0583}
	- webmin 1.150-1
[24 Jun 2004] DSA-525 apache - buffer overflow
	{CAN-2004-0492}
	- apache 1.3.31-2
[19 Jun 2004] DSA-524 rlpr - several vulnerabilities
	{CAN-2004-0393 CAN-2004-0454}
	- rlpr (unfixed; bug #255402)
[19 Jun 2004] DSA-523 www-sql - buffer overflow
	{CAN-2004-0455}
	! www-sql 0.5.7-18
[19 Jun 2004] DSA-522 super - format string vulnerability
	{CAN-2004-0579}
	- super 3.23.0-1
[18 Jun 2004] DSA-521 sup - format string vulnerability
	{CAN-2004-0451}
	- sup 1.8-11
[16 Jun 2004] DSA-520 krb5 - buffer overflows
	{CAN-2004-0523}
	- krb5 1.3.3-2
[15 Jun 2004] DSA-519 cvs - several vulnerabilities
	{CAN-2004-0416 CAN-2004-0417 CAN-2004-0418}
	- cvs 1:1.12.9-1
[14 Jun 2004] DSA-518 kdelibs - unsanitised input
	{CAN-2004-0411}
	- kdelibs 3.2.3
[10 Jun 2004] DSA-517 cvs - buffer overflow
	{CAN-2004-0414]
	- cvs 1.12.9-1
[07 Jun 2004] DSA-516 postgresql - buffer overflow
	{CAN-2004-0547}
	- postgresql 07.03.0200-3.
[05 Jun 2004] DSA-515 lha - several vulnerabilities
	{CAN-2004-0234 CAN-2004-0235}
	! lha 1.14i-8
	NOTE: If 1.14i-8 cannot get into testing, the fix for 1.14i-2.0.1
	from the DSA could to updated via t-p-u.
[04 Jun 2004] DSA-514 kernel-image-sparc-2.2 - failing function and TLB flush
	{CAN-2004-0077}
	- kernel-image-sparc-2.2 9.1
	NOTE: did not check other versions of the kernel
[03 Jun 2004] DSA-513 log2mail - format string
	{CAN-2004-0450}
	! log2mail (unfixed; bug #264687)
[02 Jun 2004] DSA-512 gallery - unauthenticated access
	{CAN-2004-0522}
	- gallery 1.4.3-pl2-1
[30 May 2004] DSA-511 ethereal - buffer overflows
	{CAN-2004-0176
	- ethereal 0.10.3-1
[29 May 2004] DSA-510 jftpgw - format string
	{CAN-2004-0448}
	- jftpgw 0.13.4-1
[29 May 2004] DSA-509 gatos - privilege escalation
	{CAN-2004-0395}
	- gatos 0.0.5-12
[22 May 2004] DSA-508 xpcd - buffer overflow
	{CAN-2004-0402}
	- xpcd 2.08-10
[19 May 2004] DSA-507 cadaver - buffer overflow
	{CAN-2004-0398}
	- cadaver 0.22.1-3
[19 May 2004] DSA-506 neon - buffer overflow
	{CAN-2004-0398}
	- neon 0.24.6.dfsg-1
[19 May 2004] DSA-505 cvs - heap overflow
	{CAN-2004-0396}
	- cvs 1.12.5-6
[18 May 2004] DSA-504 heimdal - missing input sanitising
	{CAN-2004-0434}
	- heimdal 0.6.2-1
[13 May 2004] DSA-503 mah-jong - missing argument check
	{CAN-2004-0458}
	- mah-jong 1.6.2-1
[11 May 2004] DSA-502 exim-tls - buffer overflow
	{CAN-2004-0399 CAN-2004-0400}
	NOTE: exim-tls not in sarge
[07 May 2004] DSA-501 exim - buffer overflow
	{CAN-2004-0399 CAN-2004-0400}
	- exim 3.36-11
	- exim4 4.33-1
[01 May 2004] DSA-500 flim - insecure temporary file
	{CAN-2004-0422}
	- flim 1:1.14.6+0.20040415-1
[01 May 2004] DSA-499 rsync - directory traversal
	{CAN-2004-0426}
	- rsync 2.6.1-1
[30 Apr 2004] DSA-498 libpng - out of bound access
	{CAN-2004-0421}
	- libpng 1.0.15-5
	- libpng3 1.2.5.0-6
[29 Apr 2004] DSA-497 mc - several vulnerabilities
	{CAN-2004-0226 CAN-2004-0231 CAN-2004-0232}
	- mc 1:4.6.0-4.6.1-pre1-2
[29 Apr 2004] DSA-496 eterm - missing input sanitising
	{CAN-2003-0068}
	- eterm 0.9.2-6
[26 Apr 2004] DSA-495 linux-kernel-2.4.16-arm - several vulnerabilities
	{CAN-2003-0127 CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.16 not present. Did not check newer kernels.
[21 Apr 2004] DSA-494 ident2 - buffer overflow
	{CAN-2004-0408}
	- ident2 1.04-2
[21 Apr 2004] DSA-493 xchat - buffer overflow
	{CAN-2004-0409}
	- xchat 2.0.8-1
[18 Apr 2004] DSA-492 iproute - denial of service
	{CAN-2003-0856}
	- iproute 20010824-13.1
[17 Apr 2004] DSA-491 linux-kernel-2.4.19-mips - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.19 not present. Did not check newer kernels.
[17 Apr 2004] DSA-490 zope - arbitrary code execution
	{CVE-2002-0688}
	- zope 2.6.0-0.1
[17 Apr 2004] DSA-489 linux-kernel-2.4.17-mips+mipsel - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[16 Apr 2004] DSA-488 logcheck - insecure temporary directory
	{CAN-2004-0404}
	- logcheck 1.1.1-13.2
[16 Apr 2004] DSA-487 neon - format string
	{CAN-2004-0179}
	- newo 0.24.5-1
[16 Apr 2004] DSA-486 cvs - several vulnerabilities
	{CAN-2004-0180 CAN-2004-0405}
	- cvs 1:1.12.5-4
[14 Apr 2004] DSA-485 ssmtp - format string
	{CAN-2004-0156}
	- ssmtp 2.60.7
[14 Apr 2004] DSA-484 xonix - failure to drop privileges
	{CAN-2004-0157}
	- xonix 1.4-21
[14 Apr 2004] DSA-483 mysql - insecure temporary file creation
	{CAN-2004-0381 CAN-2004-0388}
	- mysql-dfsg 4.0.18-6
[14 Apr 2004] DSA-482 linux-kernel-2.4.17-apus+s390 - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[14 Apr 2004] DSA-481 linux-kernel-2.4.17-ia64 - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[14 Apr 2004] DSA-480 linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.17/18 not present. Did not check newer kernels.
[14 Apr 2004] DSA-479 linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities
	{CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178}
	NOTE: 2.4.18 not present. Did not check newer kernels.
[06 Apr 2004] DSA-478 tcpdump - denial of service
	{CAN-2004-0183 CAN-2004-0184}
	- tcpdump 3.7.2-4
[06 Apr 2004] DSA-477 xine-ui - insecure temporary file creation
	{CAN-2004-0372}
	- xine-ui 0.99.1-1
[06 Apr 2004] DSA-476 heimdal - cross-realm
	{CAN-2004-0371}
	- heimdal 0.6.1-1
[05 Apr 2004] DSA-475 linux-kernel-2.4.18-hppa - several vulnerabilities
	{CAN-2003-0961 CAN-2003-0985 CAN-2004-0077}
	NOTE: 2.4.18 not present. Did not check newer kernels.
[03 Apr 2004] DSA-474 squid - ACL bypass
	{CAN-2004-0189}
	- squid 2.5.5-1
[03 Apr 2004] DSA-473 oftpd - denial of service
	{CAN-2004-0376}
	- oftpd 20040304-1
[03 Apr 2004] DSA-472 fte - several vulnerabilities
	{CAN-2003-0648}
	- fte 0.50.0-1.1
[02 Apr 2004] DSA-471 interchange - missing input sanitising
	{CAN-2004-0374}
	- interchange 5.0.1-1
[01 Apr 2004] DSA-470 linux-kernel-2.4.17-hppa - several vulnerabilities
	{CAN-2003-0961 CAN-2003-0985 CAN-2004-0077}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[29 Mar 2004] DSA-469 pam-pgsql - missing input sanitising
	{CAN-2004-0366}
	- pam-pgsql 0.5.2-7.1
[24 Mar 2004] DSA-468 emil - several vulnerabilities
	{CAN-2004-0152 CAN-2004-0153}
	- emil 2.1.0-beta9-14
[23 Mar 2004] DSA-467 ecartis - several vulnerabilities
	{CAN-2003-0781 CAN-2003-0782}
	- ecartis 1.0.0+cvs.20030911
[18 Mar 2004] DSA-466 linux-kernel-2.2.10-powerpc-apus - failing function and TLB flush
	{CAN-2004-0077}
	NOTE: 2.2.10 not present. Did not check newer kernels.
[17 Mar 2004] DSA-465 openssl - several vulnerabilities
	{CAN-2004-0079 CAN-2004-0081}
	- openssl 0.9.7d-1
	NOTE: CAN-2004-0081 only affects 0.9.6.
	NOTE: 0.9.7d also fixes CAN-2004-0112
	- openssl 0.9.6l
[16 Mar 2004] DSA-464 gdk-pixbuf - broken image handling
	{CAN-2004-0111}
	- gdk-pixbuf 0.22.0-3
[12 Mar 2004] DSA-463 samba - privilege escalation
	{CAN-2004-0186}
	- samba 3.0.2-2
[12 Mar 2004] DSA-462 xitalk - missing privilege release
	{CAN-2004-0151}
	- xitalk 1.1.11-11
[11 Mar 2004] DSA-461 calife - buffer overflow
	{CAN-2004-0188}
	- calife 2.8.6-1.
[10 Mar 2004] DSA-460 sysstat - insecure temporary file
	{CAN-2004-0108}
	- sysstat 5.0.2-1
[10 Mar 2004] DSA-459 kdelibs - cookie path traversal
	{CAN-2003-0592}
	- kdelibs 4:3.1.3-1
[09 Mar 2004] DSA-458 python2.2 - buffer overflow
	{CAN-2004-0150}
	NOTE: not affected according to DSA
[08 Mar 2004] DSA-457 wu-ftpd - several vulnerabilities
	CAN-2004-0148 CAN-2004-0185}
	- wu-ftpd 2.6.2-17.1
[06 Mar 2004] DSA-456 linux-kernel-2.2.19-arm - failing function and TLB flush
	{CAN-2004-0077}
	NOTE: 2.2.19 not present. Did not check newer kernels.
[03 Mar 2004] DSA-455 libxml - buffer overflows
	{CAN-2004-0110}
	- libxml 1.8.17-5
	- libxml2 2.6.6-1
[02 Mar 2004] DSA-454 linux-kernel-2.2.22-alpha - failing function and TLB flush
	{CAN-2004-0077}
	NOTE: 2.2.22 not present. Did not check newer kernels.
[02 Mar 2004] DSA-453 linux-kernel-2.2.20-i386+m68k+powerpc - failing function and TLB flush
	{CAN-2004-0077}
	NOTE: 2.2.20 not present. Did not check newer kernels.
[29 Feb 2004] DSA-452 libapache-mod-python - denial of service
	{CAN-2003-0973}
	- libapache-mod-python 2:2.7.10-1
[27 Feb 2004] DSA-451 xboing - buffer overflows
	{CAN-2004-0149}
	- xboing 2.4-26.1
[27 Feb 2004] DSA-450 linux-kernel-2.4.19-mips - several vulnerabilities
	{CAN-2003-0961 CAN-2003-0985 CAN-2004-0077}
	NOTE: 2.4.19 not present. Did not check newer kernels.
[24 Feb 2004] DSA-449 metamail - buffer overflow, format string bugs
	{CAN-2004-0104 CAN-2004-0105}
	- metamail 2.7-45.2
[22 Feb 2004] DSA-448 pwlib - several vulnerabilities
	{CAN-2004-0097}
	- pwlib 1.5.2-4
[22 Feb 2004] DSA-447 hsftp - format string
	{CAN-2004-0159}
	! hsftp (unfixed; bug #264697)
[21 Feb 2004] DSA-446 synaesthesia - insecure file creation
	{CAN-2004-0160}
	DSA notes not setuid anymore so ok
[21 Feb 2004] DSA-445 lbreakout2 - buffer overflow
	{CAN-2004-0158}
	- lbreakout2 2.4
[20 Feb 2004] DSA-444 linux-kernel-2.4.17-ia64 - missing function return value check
	{CAN-2004-0077}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[19 Feb 2004] DSA-443 xfree86 - several vulnerabilities
	{CAN-2003-0690}
	- xfree86 4.3.0-0pre1v2
	{CAN-2004-0083 CAN-2004-0084 CAN-2004-0106}
	- xfree86 4.3.0-1
	{CAN-2004-0093 CAN-2004-0094}
	- xfree86 4.2.1-6
[19 Feb 2004] DSA-442 linux-kernel-2.4.17-s390 - several vulnerabilities
	{CAN-2003-0001 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364 CAN-2003-0961 CAN-2003-0985 CAN-2004-0077 CVE-2002-0429}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[18 Feb 2004] DSA-441 linux-kernel-2.4.17-mips+mipsel - missing function return value check
	{CAN-2004-0077}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[18 Feb 2004] DSA-440 linux-kernel-2.4.17-powerpc-apus - several vulnerabilities
	{CAN-2003-0961 CAN-2003-0985 CAN-2004-0077}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[18 Feb 2004] DSA-439 linux-kernel-2.4.16-arm - several vulnerabilities
	{CAN-2003-0961 CAN-2003-0985 CAN-2004-0077}
	NOTE: 2.4.16 not present. Did not check newer kernels.
[18 Feb 2004] DSA-438 linux-kernel-2.4.18-alpha+i386+powerpc - missing function return value check
	{CAN-2004-0077}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[11 Feb 2004] DSA-437 cgiemail - open mail relay
	{CAN-2002-1575}
	- cgiemail 1.6-20
[08 Feb 2004] DSA-436 mailman - several vulnerabilities
	{CAN-2003-0991}
	NOTE: apparently specific to mailman 2.0, not 2.1?
	{CAN-2003-0965}
	- mailman 2.1.4-1
	{CAN-2003-0038}
	- mailman 2.1.1-1
[06 Feb 2004] DSA-435 mpg123 - heap overflow
	{CAN-2003-0865}
	- mpg123 0.59r-15
[05 Feb 2004] DSA-434 gaim - several vulnerabilities
	{CAN-2004-0005 CAN-2004-0006 CAN-2004-0007 CAN-2004-0008}
	- gaim 1:0.75-2
[04 Feb 2004] DSA-433 kernel-patch-2.4.17-mips - integer overflow
	{CAN-2003-0961}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[03 Feb 2004] DSA-432 crawl - buffer overflow
	{CAN-2004-0103}
	- crawl 4.0.0beta26-4
[01 Feb 2004] DSA-431 perl - information leak
	{CAN-2003-0618}
	- perl 5.8.3-3
[28 Jan 2004] DSA-430 trr19 - missing privilege release
	{CAN-2004-0047}
	! trr19 (unfixed; bug #264702)
[26 Jan 2004] DSA-429 gnupg - cryptographic weakness
	{CAN-2003-0971}
	- gnupg 1.2.4-1
[20 Jan 2004] DSA-428 slocate - buffer overflow
	{CAN-2003-0848}
	! slocate (unfixed; bug #226103)
[19 Jan 2004] DSA-427 linux-kernel-2.4.17-mips+mipsel - missing boundary check
	{CAN-2003-0985}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[18 Jan 2004] DSA-426 netpbm-free - insecure temporary files
	{CAN-2003-0924}
	- netpbm-free 2:9.25-9
[16 Jan 2004] DSA-425 tcpdump - multiple vulnerabilities
	{CAN-2003-1029 CAN-2003-0989 CAN-2004-0055 CAN-2004-0057}
	HELP: No idea if this is fixed, we have a new upstream version
	HELP: that came out after these advisories, but neither the debian nor
	HELP: the upstream changelog seem to mention them.
	NOTE: Mailed maintainr.
[16 Jan 2004] DSA-424 mc - buffer overflow
	{CAN-2003-1023}
	- mc 1:4.6.0-4.6.1-pre1-1
[15 Jan 2004] DSA-423 linux-kernel-2.4.17-ia64 - several vulnerabilities
	{CAN-2003-0001 CAN-2003-0018 CAN-2003-0127 CAN-2003-0461 CAN-2003-0462 CAN-2003-0476 CAN-2003-0501 CAN-2003-0550 CAN-2003-0551 CAN-2003-0552 CAN-2003-0961 CAN-2003-0985}
	NOTE: 2.4.17 not present. Did not check newer kernels.
[13 Jan 2004] DSA-422 cvs - remote vulnerability
	- cvs 1.11.11
[12 Jan 2004] DSA-421 mod-auth-shadow - password expiration
	{CAN-2004-0041}
	- mod-auth-shadow 1.4-1
[12 Jan 2004] DSA-420 jitterbug - improperly sanitised input
	{CAN-2004-0028}
	- jitterbug 1.6.2-4.5
[09 Jan 2004] DSA-419 phpgroupware - missing filename sanitising, SQL injection
	{CAN-2004-0016 CAN-2004-0017}
	- phpgroupware 0.9.14.007-4
[07 Jan 2004] DSA-418 vbox3 - privilege leak
	{CAN-2004-0015}
	- vbox3 0.1.8
[07 Jan 2004] DSA-417 linux-kernel-2.4.18-powerpc+alpha - missing boundary check
	{CAN-2003-0961 CAN-2003-0985}
	NOTE: 2.4.18 not present. Did not check newer kernels.
[06 Jan 2004] DSA-416 fsp - buffer overflow, directory traversal
	{CAN-2003-1022, CAN-2004-0011}
	- fsp 2.81.b18-1
[06 Jan 2004] DSA-415 zebra - denial of service
	{CAN-2003-0795 CAN-2003-0858}
	- quagga 0.96.4x-4
[06 Jan 2004] DSA-414 jabber - denial of service
	{CAN-2004-0013}
	- jabber 1.4.3-1
[06 Jan 2004] DSA-413 linux-kernel-2.4.18 - missing boundary check
	{CAN-2003-0985}
	NOTE: 2.4.18 not present. Did not check newer kernels.
[05 Jan 2004] DSA-412 nd - buffer overflows
	{CAN-2004-0014}
	- nd 0.8.2-1
[05 Jan 2004] DSA-411 mpg321 - format string vulnerability
	{CAN-2003-0969}
	- mpg321 0.2.10.3
[05 Jan 2004] DSA-410 libnids - buffer overflow
	{CAN-2003-0850}
	- libnids 1.18-1
[05 Jan 2004] DSA-409 bind - denial of service
	{CAN-2003-0914}
	- bind 1:8.4.3-1
[05 Jan 2004] DSA-408 screen - integer overflow
	{CAN-2003-0972}
	- screen 4.0.2-0.1
[05 Jan 2004] DSA-407 ethereal - buffer overflows
	{CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013
	- ethereal 0.10.0-1
[05 Jan 2004] DSA-406 lftp - buffer overflow 
	- lftp 2.6.10-1

Here's all the DSAs I have not looked at yet, back to woody's release.

[30 Dec 2003] DSA-405 xsok - missing privilege release
[04 Dec 2003] DSA-404 rsync - heap overflow
[01 Dec 2003] DSA-403 kernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386, kernel-source-2.4.18 - local root exploit
[17 Nov 2003] DSA-402 minimalist - unsanitised input
[17 Nov 2003] DSA-401 hylafax - format strings
[11 Nov 2003] DSA-400 omega-rpg - buffer overflow
[10 Nov 2003] DSA-399 epic4 - buffer overflow
[10 Nov 2003] DSA-398 conquest - buffer overflow
[07 Nov 2003] DSA-397 postgresql - buffer overflow
[29 Oct 2003] DSA-396 thttpd - missing input sanitizing, wrong calculation
[15 Oct 2003] DSA-395 tomcat4 - incorrect input handling
[11 Oct 2003] DSA-394 openssl095 - ASN.1 parsing vulnerability
[01 Oct 2003] DSA-393 openssl - denial of service
[29 Sep 2003] DSA-392 webfs - buffer overflows, file and directory exposure
[28 Sep 2003] DSA-391 freesweep - buffer overflow
[26 Sep 2003] DSA-390 marbles - buffer overflow
[20 Sep 2003] DSA-389 ipmasq - insecure packet filtering rules
[19 Sep 2003] DSA-388 kdebase - several vulnerabilities
[18 Sep 2003] DSA-387 gopher - buffer overflows
[18 Sep 2003] DSA-386 libmailtools-perl - input validation bug
[18 Sep 2003] DSA-385 hztty - buffer overflows
[17 Sep 2003] DSA-384 sendmail - buffer overflows
[17 Sep 2003] DSA-383 ssh-krb5 - possible remote vulnerability
[16 Sep 2003] DSA-382 ssh - possible remote vulnerability
[13 Sep 2003] DSA-381 mysql - buffer overflow
[12 Sep 2003] DSA-380 xfree86 - buffer overflows, denial of service
[11 Sep 2003] DSA-379 sane-backends - several vulnerabilities
[07 Sep 2003] DSA-378 mah-jong - buffer overflows, denial of service
[04 Sep 2003] DSA-377 wu-ftpd - insecure program execution
[04 Sep 2003] DSA-376 exim - buffer overflow
[29 Aug 2003] DSA-375 node - buffer overflow, format string
[26 Aug 2003] DSA-374 libpam-smb - buffer overflow
[16 Aug 2003] DSA-373 autorespond - buffer overflow
[16 Aug 2003] DSA-372 netris - buffer overflow
[11 Aug 2003] DSA-371 perl - cross-site scripting
[08 Aug 2003] DSA-370 pam-pgsql - format string
[08 Aug 2003] DSA-369 zblast - buffer overflow
[08 Aug 2003] DSA-368 xpcd - buffer overflow
[08 Aug 2003] DSA-367 xtokkaetama - buffer overflow
[05 Aug 2003] DSA-366 eroaster - insecure temporary file
[05 Aug 2003] DSA-365 phpgroupware - several vulnerabilities
[04 Aug 2003] DSA-364 man-db - buffer overflows, arbitrary command execution
[03 Aug 2003] DSA-363 postfix - denial of service, bounce-scanning
[02 Aug 2003] DSA-362 mindi - insecure temporary file
[01 Aug 2003] DSA-361 kdelibs, kdelibs-crypto - several vulnerabilities
[01 Aug 2003] DSA-360 xfstt - several vulnerabilities
[31 Jul 2003] DSA-359 atari800 - buffer overflows
[31 Jul 2003] DSA-358 linux-kernel-2.4.18 - several vulnerabilities
[31 Jul 2003] DSA-357 wu-ftpd - remote root exploit
[30 Jul 2003] DSA-356 xtokkaetama - buffer overflows
[30 Jul 2003] DSA-355 gallery - cross-site scripting
[29 Jul 2003] DSA-354 xconq - buffer overflows
[29 Jul 2003] DSA-353 sup - insecure temporary file
[22 Jul 2003] DSA-352 fdclone - insecure temporary directory
[16 Jul 2003] DSA-351 php4 - cross-site scripting
[15 Jul 2003] DSA-350 falconseye - buffer overflow
[14 Jul 2003] DSA-349 nfs-utils - buffer overflow
[11 Jul 2003] DSA-348 traceroute-nanog - integer overflow, buffer overflow
[08 Jul 2003] DSA-347 teapop - SQL injection
[08 Jul 2003] DSA-346 phpsysinfo - directory traversal
[08 Jul 2003] DSA-345 xbl - buffer overflow
[08 Jul 2003] DSA-344 unzip - directory traversal
[08 Jul 2003] DSA-343 skk, ddskk - insecure temporary file
[07 Jul 2003] DSA-342 mozart - unsafe mailcap configuration
[07 Jul 2003] DSA-341 liece - insecure temporary file
[06 Jul 2003] DSA-340 x-face-el - insecure temporary file
[06 Jul 2003] DSA-339 semi - insecure temporary file
[29 Jun 2003] DSA-338 proftpd - SQL injection
[29 Jun 2003] DSA-337 gtksee - buffer overflow
[29 Jun 2003] DSA-336 linux-kernel-2.2.20 - several vulnerabilities
[28 Jun 2003] DSA-335 mantis - incorrect permissions
[28 Jun 2003] DSA-334 xgalaga - buffer overflows
[27 Jun 2003] DSA-333 acm - integer overflow
[27 Jun 2003] DSA-332 linux-kernel-2.4.17 - several vulnerabilities
[27 Jun 2003] DSA-331 imagemagick - insecure temporary file
[23 Jun 2003] DSA-330 tcptraceroute - failure to drop root privileges
[20 Jun 2003] DSA-329 osh - buffer overflows
[19 Jun 2003] DSA-328 webfs - buffer overflow
[19 Jun 2003] DSA-327 xbl - buffer overflows
[19 Jun 2003] DSA-326 orville-write - buffer overflows
[19 Jun 2003] DSA-325 eldav - insecure temporary file
[18 Jun 2003] DSA-324 ethereal - several vulnerabilities
[16 Jun 2003] DSA-323 noweb - insecure temporary files
[16 Jun 2003] DSA-322 typespeed - buffer overflow
[13 Jun 2003] DSA-321 radiusd-cistron - buffer overflow
[13 Jun 2003] DSA-320 mikmod - buffer overflow
[12 Jun 2003] DSA-319 webmin - session ID spoofing
[12 Jun 2003] DSA-318 lyskom-server - denial of service
[11 Jun 2003] DSA-317 cupsys - denial of service
[11 Jun 2003] DSA-316 nethack - buffer overflow, incorrect permissions
[11 Jun 2003] DSA-315 gnocatan - buffer overflows, denial of service
[11 Jun 2003] DSA-314 atftp - buffer overflow
[11 Jun 2003] DSA-313 ethereal - buffer overflows, integer overflows
[09 Jun 2003] DSA-312 kernel-patch-2.4.18-powerpc - several vulnerabilities
[08 Jun 2003] DSA-311 linux-kernel-2.4.18 - several vulnerabilities
[08 Jun 2003] DSA-310 xaos - improper setuid-root execution
[06 Jun 2003] DSA-309 eterm - buffer overflow
[06 Jun 2003] DSA-308 gzip - insecure temporary files
[27 May 2003] DSA-307 gps - multiple vulnerabilities
[19 May 2003] DSA-306 ircii-pana - buffer overflows, integer overflow
[15 May 2003] DSA-305 sendmail - insecure temporary files
[15 May 2003] DSA-304 lv - privilege escalation
[15 May 2003] DSA-303 mysql - privilege escalation
[07 May 2003] DSA-302 fuzz - privilege escalation
[07 May 2003] DSA-301 libgtop - buffer overflow
[06 May 2003] DSA-300 balsa - buffer overflow
[06 May 2003] DSA-299 leksbot - improper setuid-root execution
[02 May 2003] DSA-298 epic4 - buffer overflows
[01 May 2003] DSA-297 snort - integer overflow, buffer overflow
[30 Apr 2003] DSA-296 kdebase - insecure execution
[30 Apr 2003] DSA-295 pptpd - buffer overflow
[23 Apr 2003] DSA-294 gkrellm-newsticker - missing quoting, incomplete parser
[23 Apr 2003] DSA-293 kdelibs - insecure execution
[22 Apr 2003] DSA-292 mime-support - insecure temporary file creation
[22 Apr 2003] DSA-291 ircii - buffer overflows
[17 Apr 2003] DSA-290 sendmail-wide - char-to-int conversion
[17 Apr 2003] DSA-289 rinetd - incorrect memory resizing
[17 Apr 2003] DSA-288 openssl - several vulnerabilities
[15 Apr 2003] DSA-287 epic - buffer overflows
[14 Apr 2003] DSA-286 gs-common - insecure temporary file
[14 Apr 2003] DSA-285 lprng - insecure temporary file
[12 Apr 2003] DSA-284 kdegraphics - insecure execution
[11 Apr 2003] DSA-283 xfsdump - insecure file creation
[09 Apr 2003] DSA-282 glibc - integer overflow
[08 Apr 2003] DSA-281 moxftp - buffer overflow
[07 Apr 2003] DSA-280 samba - buffer overflow
[07 Apr 2003] DSA-279 metrics - insecure temporary file creation
[04 Apr 2003] DSA-278 sendmail - char-to-int conversion
[03 Apr 2003] DSA-277 apcupsd - buffer overflows, format string
[03 Apr 2003] DSA-276 linux-kernel-s390 - local privilege escalation
[02 Apr 2003] DSA-275 lpr-ppd - buffer overflow
[28 Mar 2003] DSA-274 mutt - buffer overflow
[28 Mar 2003] DSA-273 krb4 - Cryptographic weakness
[28 Mar 2003] DSA-272 dietlibc - integer overflow
[27 Mar 2003] DSA-271 ecartis - unauthorized password change
[27 Mar 2003] DSA-270 linux-kernel-mips - local privilege escalation
[26 Mar 2003] DSA-269 heimdal - Cryptographic weakness
[25 Mar 2003] DSA-268 mutt - buffer overflow
[24 Mar 2003] DSA-267 lpr - buffer overflow
[24 Mar 2003] DSA-266 krb5 - several vulnerabilities
[21 Mar 2003] DSA-265 bonsai - several vulnerabilities
[19 Mar 2003] DSA-264 lxr - missing filename sanitizing
[17 Mar 2003] DSA-263 netpbm-free - math overflow errors
[15 Mar 2003] DSA-262 samba - remote exploit
[14 Mar 2003] DSA-261 tcpdump - infinite loop
[13 Mar 2003] DSA-260 file - buffer overflow
[12 Mar 2003] DSA-259 qpopper - mail user privilege escalation
[10 Mar 2003] DSA-258 ethereal - format string vulnerability
[04 Mar 2003] DSA-257 sendmail - remote exploit
[28 Feb 2003] DSA-256 mhc - insecure temporary file
[27 Feb 2003] DSA-255 tcpdump - infinite loop
[27 Feb 2003] DSA-254 traceroute-nanog - buffer overflow
[24 Feb 2003] DSA-253 openssl - information leak
[21 Feb 2003] DSA-252 slocate - buffer overflow
[14 Feb 2003] DSA-251 w3m - missing HTML quoting
[12 Feb 2003] DSA-250 w3mmee-ssl - missing HTML quoting
[11 Feb 2003] DSA-249 w3mmee - missing HTML quoting
[31 Jan 2003] DSA-248 hypermail - buffer overflows
[30 Jan 2003] DSA-247 courier-ssl - missing input sanitizing
[29 Jan 2003] DSA-246 tomcat - information exposure, cross site scripting
[28 Jan 2003] DSA-245 dhcp3 - ignored counter boundary
[27 Jan 2003] DSA-244 noffle - buffer overflows
[24 Jan 2003] DSA-243 kdemultimedia - several vulnerabilities
[24 Jan 2003] DSA-242 kdebase - several vulnerabilities
[24 Jan 2003] DSA-241 kdeutils - several vulnerabilities
[23 Jan 2003] DSA-240 kdegames - several vulnerabilities
[23 Jan 2003] DSA-239 kdesdk - several vulnerabilities
[23 Jan 2003] DSA-238 kdepim - several vulnerabilities
[22 Jan 2003] DSA-237 kdenetwork - several vulnerabilities
[22 Jan 2003] DSA-236 kdelibs - several vulnerabilities
[22 Jan 2003] DSA-235 kdegraphics - several vulnerabilities
[22 Jan 2003] DSA-234 kdeadmin - several vulnerabilities
[21 Jan 2003] DSA-233 cvs - doubly freed memory
[20 Jan 2003] DSA-232 cupsys - several vulnerabilities
[17 Jan 2003] DSA-231 dhcp3 - stack overflows
[16 Jan 2003] DSA-230 bugzilla - insecure permissions, spurious backup files
[15 Jan 2003] DSA-229 imp - SQL injection
[14 Jan 2003] DSA-228 libmcrypt - buffer overflows and memory leak
[13 Jan 2003] DSA-227 openldap2 - buffer overflows and other bugs
[10 Jan 2003] DSA-226 xpdf-i - integer overflow
[09 Jan 2003] DSA-225 tomcat4 - source disclosure
[08 Jan 2003] DSA-224 canna - buffer overflow and more
[07 Jan 2003] DSA-223 geneweb - information exposure
[06 Jan 2003] DSA-222 xpdf - integer overflow
[03 Jan 2003] DSA-221 mhonarc - cross site scripting
[02 Jan 2003] DSA-220 squirrelmail - cross site scripting 
[31 Dec 2002] DSA-219 dhcpcd - remote command execution
[30 Dec 2002] DSA-218 bugzilla - cross site scripting
[27 Dec 2002] DSA-217 typespeed - buffer overflow
[24 Dec 2002] DSA-216 fetchmail - buffer overflow
[23 Dec 2002] DSA-215 cyrus-imapd - buffer overflow
[20 Dec 2002] DSA-214 kdnetwork - buffer overflows
[19 Dec 2002] DSA-213 libpng - buffer overflow
[17 Dec 2002] DSA-212 mysql - multiple problems
[13 Dec 2002] DSA-211 micq - denial of service
[13 Dec 2002] DSA-210 lynx - CRLF injection
[12 Dec 2002] DSA-209 wget - directory traversal
[12 Dec 2002] DSA-208 perl - broken safe compartment
[11 Dec 2002] DSA-207 tetex-bin - arbitrary command execution
[10 Dec 2002] DSA-206 tcpdump - denial of service
[10 Dec 2002] DSA-205 gtetrinet - buffer overflow
[05 Dec 2002] DSA-204 kdelibs - arbitrary program execution
[04 Dec 2002] DSA-203 smb2www - arbitrary command execution
[03 Dec 2002] DSA-202 im - insecure temporary files
[02 Dec 2002] DSA-201 freeswan - denial of service
[22 Nov 2002] DSA-200 samba - remote exploit
[19 Nov 2002] DSA-199 mhonarc - cross site scripting
[18 Nov 2002] DSA-198 nullmailer - denial of service
[15 Nov 2002] DSA-197 courier - buffer overflow
[14 Nov 2002] DSA-196 bind - several vulnerabilities
[13 Nov 2002] DSA-195 apache-perl - several vulnerabilities
[12 Nov 2002] DSA-194 masqmail - buffer overflows
[11 Nov 2002] DSA-193 kdenetwork - buffer overflow
[08 Nov 2002] DSA-192 html2ps - arbitrary code execution
[07 Nov 2002] DSA-191 squirrelmail - cross site scripting
[07 Nov 2002] DSA-190 wmaker - buffer overflow
[06 Nov 2002] DSA-189 luxman - local root exploit
[05 Nov 2002] DSA-188 apache-ssl - several vulnerabilities
[04 Nov 2002] DSA-187 apache - several vulnerabilities
[01 Nov 2002] DSA-186 log2mail - buffer overflow
[31 Oct 2002] DSA-185 heimdal - buffer overflow
[30 Oct 2002] DSA-184 krb4 - buffer overflow
[29 Oct 2002] DSA-183 krb5 - buffer overflow
[28 Oct 2002] DSA-182 kdegraphics - buffer overflow
[22 Oct 2002] DSA-181 libapache-mod-ssl - cross site scripting
[21 Oct 2002] DSA-180 nis - information leak
[18 Oct 2002] DSA-179 gnome-gv - buffer overflow
[17 Oct 2002] DSA-178 heimdal - remote command execution
[17 Oct 2002] DSA-177 pam - serious security violation
[16 Oct 2002] DSA-176 gv - buffer overflow
[15 Oct 2002] DSA-175 syslog-ng - buffer overflow
[14 Oct 2002] DSA-174 heartbeat - buffer overflow
[09 Oct 2002] DSA-173 bugzilla - privilege escalation
[08 Oct 2002] DSA-172 tkmail - insecure temporary files
[07 Oct 2002] DSA-171 fetchmail - buffer overflows
[04 Oct 2002] DSA-170 tomcat4 - source code disclosure
[25 Sep 2002] DSA-169 htcheck - cross site scripting
[18 Sep 2002] DSA-168 php - bypassing safe_mode, CRLF injection
[16 Sep 2002] DSA-167 kdelibs - cross site scripting
[13 Sep 2002] DSA-166 purity - buffer overflows
[12 Sep 2002] DSA-165 postgresql - buffer overflows
[10 Sep 2002] DSA-164 cacti - arbitrary code execution
[09 Sep 2002] DSA-163 mhonarc - cross site scripting
[06 Sep 2002] DSA-162 ethereal - buffer overflow
[04 Sep 2002] DSA-161 mantis - privilege escalation
[03 Sep 2002] DSA-160 scrollkeeper - insecure temporary file creation
[28 Aug 2002] DSA-159 python - insecure temporary files
[27 Aug 2002] DSA-158 gaim - arbitrary program execution
[23 Aug 2002] DSA-157 irssi-text - denial of service
[22 Aug 2002] DSA-156 epic4-script-light - arbitrary script execution
[17 Aug 2002] DSA-155 kdelibs - privacy escalation with Konqueror
[15 Aug 2002] DSA-154 fam - privilege escalation
[14 Aug 2002] DSA-153 mantis - cross site code execution and privilege escalation
[13 Aug 2002] DSA-152 l2tpd - missing random seed
[13 Aug 2002] DSA-151 xinetd - pipe exposure
[13 Aug 2002] DSA-150 interchange - illegal file exposition
[13 Aug 2002] DSA-149 glibc - integer overflow
[12 Aug 2002] DSA-148 hylafax - buffer overflows and format string vulnerabilities
[08 Aug 2002] DSA-147 mailman - cross-site scripting
[08 Aug 2002] DSA-146 dietlibc - integer overflow
[07 Aug 2002] DSA-145 tinyproxy - doubly freed memory
[06 Aug 2002] DSA-144 wwwoffle - improper input handling
[05 Aug 2002] DSA-143 krb5 - integer overflow
[05 Aug 2002] DSA-142 openafs - integer overflow
[01 Aug 2002] DSA-141 mpack - buffer overflow
[05 Aug 2002] DSA-140 libpng - buffer overflow
[01 Aug 2002] DSA-139 super - format string vulnerability
[01 Aug 2002] DSA-138 gallery - remote exploit
[30 Jul 2002] DSA-137 mm - insecure temporary files
[30 Jul 2002] DSA-136 openssl - multiple remote exploits
[02 Jul 2002] DSA-135 libapache-mod-ssl - buffer overflow / DoS
[24 Jun 2002] DSA-134 ssh - remote exploit

-- 
see shy jo
Attachment: signature.asc
Description: Digital signature
Reply to:
Follow-Ups:
- Re: checking testing against this year's DSAs
  - From: Martin Schulze <joey@infodrom.org>
Prev by Date: Re: Period before the freeze to let the buildd do their jobs
Next by Date: I can't get anything to burn my ISO
Previous by thread: Re: Period before the freeze to let the buildd do their jobs
Next by thread: Re: checking testing against this year's DSAs
Index(es):
- Date
- Thread