[Secure-testing-commits] r3567 - in data: CVE DSA
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Mar 8 16:36:09 UTC 2006
Author: jmm-guest
Date: 2006-03-08 16:36:03 +0000 (Wed, 08 Mar 2006)
New Revision: 3567
Modified:
data/CVE/list
data/DSA/list
Log:
squirrelmail DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-08 09:46:42 UTC (rev 3566)
+++ data/CVE/list 2006-03-08 16:36:03 UTC (rev 3567)
@@ -1582,7 +1582,7 @@
CVE-2006-0378 (Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager ...)
NOT-FOR-US: Netrix X-Site Manager
CVE-2006-0377 (CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows ...)
- - squirrelmail <unfixed> (bug #354063)
+ - squirrelmail 2:1.4.6-1 (bug #354063)
CVE-2006-0376 (The 802.11 wireless client in certain operating systems including ...)
NOT-FOR-US: Windows
CVE-2006-0375 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 ...)
@@ -2008,7 +2008,7 @@
CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 ...)
NOT-FOR-US: slsnif
CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ...)
- - squirrelmail <unfixed> (bug #354062)
+ - squirrelmail 2:1.4.6-1 (bug #354062)
CVE-2006-0194 (Cross-site scripting (XSS) vulnerability in default.asp in FogBugz ...)
NOT-FOR-US: FogBugz
CVE-2006-0193 (Cross-site scripting (XSS) vulnerability in the Hosting Control Panel ...)
@@ -2022,7 +2022,7 @@
CVE-2006-0189 (Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows ...)
NOT-FOR-US: eStara Softphone
CVE-2006-0188 (webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to ...)
- - squirrelmail <unfixed> (bug #354064)
+ - squirrelmail 2:1.4.6-1 (bug #354064)
CVE-2005-4664 (SQL injection vulnerability in OcoMon 1.21, and possibly other ...)
NOT-FOR-US: OcoMon
CVE-2005-4663 (Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and possibly ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2006-03-08 09:46:42 UTC (rev 3566)
+++ data/DSA/list 2006-03-08 16:36:03 UTC (rev 3567)
@@ -1,3 +1,8 @@
+[08 Mar 2006] DSA-988-1 squirrelmail - several
+ {CVE-2006-0377 CVE-2006-0195 CVE-2006-0188}
+ [woody] - squirrelmail 1.2.6-5
+ [sarge] - squirrelmail 2:1.4.4-8
+ NOTE: not fixed in testing at the time of DSA (unfixed in sid)
[07 Mar 2006] DSA-987-1 tar - buffer overflow
{CVE-2006-0300}
[sarge] - tar 1.14-2.1
More information about the Secure-testing-commits
mailing list