[Secure-testing-commits] r3156 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Dec 25 10:52:07 UTC 2005 

Author: jmm-guest
Date: 2005-12-25 10:52:02 +0000 (Sun, 25 Dec 2005)
New Revision: 3156

Modified:
   data/CVE/list
Log:
three horde apps fixed
some kernel updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-24 18:36:12 UTC (rev 3155)
+++ data/CVE/list	2005-12-25 10:52:02 UTC (rev 3156)
@@ -619,13 +619,13 @@
 CVE-2005-4242 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 ...)
 	- turba2 2.0.5-1 (bug #342946; medium)
 CVE-2005-4192 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- mnemo2 <unfixed> (bug #342944; medium)
+	- mnemo2 2.0.3-1 (bug #342944; medium)
 CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- nag2 <unfixed> (bug #342945; medium)
+	- nag2 2.0.4-1 (bug #342945; medium)
 CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
 	- horde3 3.0.9-1 (bug #342942; medium)
 CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
-	- kronolith <unfixed> (bug #342943; medium)
+	- kronolith 2.0.6-1 (bug #342943; medium)
 CVE-2005-4188
 	RESERVED
 CVE-2005-4187
@@ -17984,7 +17984,8 @@
 CVE-2004-0229 (The framebuffer driver in Linux kernel 2.6.x does not properly use the ...)
 	NOT-FOR-US: Kernel 2.6 framebuffer bug
 CVE-2004-0228 (Integer signedness error in the cpufreq proc handler (cpufreq_procctl) ...)
-	NOTE: fixed in linux 2.4.27-pre3
+	- kernel-source-2.4.27 <not-affected> (2.4 does not have cpufreq)
+	TODO: Check 2.6
 CVE-2004-0227 (Buffer overflow in the zms script in ZoneMinder before 1.19.2 may ...)
 	NOT-FOR-US: ZoneMinder
 CVE-2004-0226 (Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may ...)
@@ -18065,7 +18066,7 @@
 CVE-2004-0182 (Mailman before 2.0.13 allows remote attackers to cause a denial of ...)
 	- mailman <not-affected> (RedHat specific bug)
 CVE-2004-0181 (The JFS file system code in Linux 2.4.x has an information leak in ...)
-	NOTE: fixed in 2.4.26-pre5
+	- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre5)
 CVE-2004-0180 (The client for CVS before 1.11 allows a remote malicious CVS server to ...)
 	{DSA-486}
 	- cvs 1:1.12.5-4 (medium)

More information about the Secure-testing-commits mailing list