[Secure-testing-commits] r4949 - data/CVE

Neil McGovern neilm at alioth.debian.org
Sat Nov 11 11:45:16 CET 2006


Author: neilm
Date: 2006-11-11 11:45:15 +0100 (Sat, 11 Nov 2006)
New Revision: 4949

Modified:
   data/CVE/list
Log:
CVE-2005-1308 is sqwebmail, not courier

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-11 08:51:54 UTC (rev 4948)
+++ data/CVE/list	2006-11-11 10:45:15 UTC (rev 4949)
@@ -25021,7 +25021,7 @@
 CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
 	NOT-FOR-US: bBlog
 CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...)
-	- courier <unfixed> (bug #307575; medium)
+	- sqwebmail <unfixed> (bug #307575; medium)
 	NOTE: Upstream explanation looks wrong, not all code paths perform escaping.
 	NOTE: Sarge and Woody are affected
 CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)




More information about the Secure-testing-commits mailing list