[Secure-testing-commits] r953 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Sun, 01 May 2005 20:20:19 +0000 

Author: jmm-guest
Date: 2005-05-01 20:20:16 +0000 (Sun, 01 May 2005)
New Revision: 953

Modified:
   sarge-checks/CAN/list
Log:
All horde module vulnerabilities have been promptly fixed by
Ola Lundqvist.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-01 13:16:00 UTC (rev 952)
+++ sarge-checks/CAN/list	2005-05-01 20:20:16 UTC (rev 953)
@@ -85,23 +85,23 @@
 CAN-2005-1322 (Cross-site scripting (XSS) vulnerability in Horde Nag Task List ...)
 	- nag (unfixed; bug #307173)
 CAN-2005-1321 (Cross-site scripting (XSS) vulnerability in Horde Vacation module ...)
-	- sork-vacation (unfixed; bug #307174)
+	- sork-vacation 2.2.2-1
 CAN-2005-1320 (Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager ...)
 	- mnemo (unfixed; bug #307180)
 	TODO: check whether nmeno2 is affected as well
 CAN-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client ...)
-	TODO: check whether this applies to imp4 as well, which is in Debian, imp 3 is not
+	NOTE: imp4 is not affected
 CAN-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail ...)
-	- sork-forwards (unfixed; bug #307175)
+	- sork-forwards 2.2.2-1
 CAN-2005-1317 (Cross-site scripting (XSS) vulnerability in Horde Chora module before ...)
 	NOTE: not-for-us (Hord Chora module)
 CAN-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts module ...)
 	- sork-accounts (unfixed; bug #307178)
 CAN-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...)
-	NOTE: Asked maintainer whether turba2 is affected as well
-	- turba (unfixed; bug #307179)
+	NOTE: Maintainer is checking whether turba2 needs fixing as well
+	- turba 1.2.5-1
 CAN-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...)
-	- kronolith (unfixed; bug #307170)
+	- kronolith 1.1.4-1
 CAN-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)
 	- sork-passwd 2.2.2-1
 CAN-2005-1312 (PHP remote code injection vulnerability in Yappa-NG before 2.3.2 ...)