[Secure-testing-commits] r1517 - data/CAN
Joey Hess
joeyh at costa.debian.org
Wed Aug 3 06:39:38 UTC 2005
Author: joeyh
Date: 2005-08-03 06:39:34 +0000 (Wed, 03 Aug 2005)
New Revision: 1517
Modified:
data/CAN/list
Log:
updates
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-03 05:57:02 UTC (rev 1516)
+++ data/CAN/list 2005-08-03 06:39:34 UTC (rev 1517)
@@ -1174,7 +1174,7 @@
NOTE: not-for-us (MyGuestbook)
CAN-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote ...)
{DSA-768-1}
- - phpbb2 (unfixed; bug #317739; high)
+ - phpbb2 2.0.13+1-6sarge1 (bug #317739; high)
CAN-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, which ...)
NOTE: not-for-us (IMail)
CAN-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote ...)
@@ -2470,7 +2470,7 @@
- phpgroupware 0.9.16.006-1 (high)
- egroupware 1.0.0.007-3.dfsg-1 (high)
- phpwiki 1.3.7-4 (high)
- - ewiki (unfixed; high)
+ NOTE: ewiki does not seem vulnerable (no eval, different code base)
- php4 (unfixed; bug #316447; high)
NOTE: horde3 is not affected by this issue, they ship different XMLRPC code
CAN-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through ...)
More information about the Secure-testing-commits
mailing list