[Secure-testing-commits] r4949 - data/CVE
Neil McGovern
neilm at alioth.debian.org
Sat Nov 11 11:45:16 CET 2006
Author: neilm
Date: 2006-11-11 11:45:15 +0100 (Sat, 11 Nov 2006)
New Revision: 4949
Modified:
data/CVE/list
Log:
CVE-2005-1308 is sqwebmail, not courier
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-11 08:51:54 UTC (rev 4948)
+++ data/CVE/list 2006-11-11 10:45:15 UTC (rev 4949)
@@ -25021,7 +25021,7 @@
CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
NOT-FOR-US: bBlog
CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...)
- - courier <unfixed> (bug #307575; medium)
+ - sqwebmail <unfixed> (bug #307575; medium)
NOTE: Upstream explanation looks wrong, not all code paths perform escaping.
NOTE: Sarge and Woody are affected
CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)
More information about the Secure-testing-commits
mailing list