[Secure-testing-commits] r947 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 01 May 2005 12:04:47 +0000
Author: jmm-guest
Date: 2005-05-01 12:04:44 +0000 (Sun, 01 May 2005)
New Revision: 947
Modified:
sarge-checks/CAN/list
Log:
More Horde entries.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-01 11:54:07 UTC (rev 946)
+++ sarge-checks/CAN/list 2005-05-01 12:04:44 UTC (rev 947)
@@ -88,17 +88,19 @@
CAN-2005-1321 (Cross-site scripting (XSS) vulnerability in Horde Vacation module ...)
- sork-vacation (unfixed; bug filed)
CAN-2005-1320 (Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager ...)
- TODO: check
+ - mnemo (unfixed; bug filed)
+ TODO: check whether nmeno2 is affected as well
CAN-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client ...)
- TODO: check
+ TODO: check whether this applies to imp4 as well, which is in Debian, imp 3 is not
CAN-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail ...)
- sork-forwards (unfixed; bug filed)
CAN-2005-1317 (Cross-site scripting (XSS) vulnerability in Horde Chora module before ...)
- TODO: check
+ NOTE: not-for-us (Hord Chora module)
CAN-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts module ...)
- TODO: check
+ - sork-accounts (unfixed; bug filed)
CAN-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...)
- TODO: check
+ NOTE: Asked maintainer whether turba2 is affected as well
+ - turba (unfixed; bug filed)
CAN-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...)
- kronolith (unfixed; bug pending)
CAN-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)