Hello,
as people are starting to shoot fireworks around me here in Uppsala, I'm
summing up my work for this Audit Project for the past months. Here are
my DSA's and bugs that haven't been listed on the project's web page yet:
DSA's
=====
DSA-876 lynx-ssl
DSA-874 lynx
DSA-863 xine-lib
DSA-855 weex
DSA-786 simpleproxy
DSA-752 gzip
DSA-650 sword
Bugs
====
#343877 webalizer: various buffer overflows
#340842 unalz: buffer overflow when extracting archives [1]
#313306 mailx: crashes when command line contains many digits
Perhaps someone with commit rights could add those? I saw that both
Javier and Steve found some stuff that led to DSA's in December, so
there's more stuff to add as well.
Happy auditing in 2006,
Ulf
[1] This was reported as a vulnerability but it got dropped by the
Security Team for unknown reasons. Oh well. Perhaps someone could NMU
it, if they have the time!?
|
