[Secure-testing-commits] r4320 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Jun 30 18:29:31 UTC 2006
Author: jmm-guest
Date: 2006-06-30 18:29:28 +0000 (Fri, 30 Jun 2006)
New Revision: 4320
Modified:
data/CVE/list
Log:
no-dsa for squirrelmail
older shadow issue not affected in sarge
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-06-30 13:12:22 UTC (rev 4319)
+++ data/CVE/list 2006-06-30 18:29:28 UTC (rev 4320)
@@ -275,6 +275,7 @@
CVE-2006-3174 (Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail ...)
NOTE: unreproducable
- squirrelmail <not-affected> (bug #375782; low)
+ [sarge] - squirrelmail <no-dsa> (Operation with registers_globals not supported)
CVE-2006-3173 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
TODO: check
CVE-2006-3172 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
@@ -5040,6 +5041,7 @@
NOT-FOR-US: WeOnlyDo! SFTP
CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions ...)
- shadow 1:4.0.15-10 (low)
+ [sarge] - shadow <not-affected> (Vulnerable code was introduced later)
CVE-2006-1173 (Sendmail before 8.13.7 allows remote attackers to cause a denial of ...)
- sendmail 8.13.7-1 (low)
CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...)
More information about the Secure-testing-commits
mailing list