[Secure-testing-commits] r4950 - data/CVE
Neil McGovern
neilm at alioth.debian.org
Sat Nov 11 11:50:51 CET 2006
Author: neilm
Date: 2006-11-11 11:50:50 +0100 (Sat, 11 Nov 2006)
New Revision: 4950
Modified:
data/CVE/list
Log:
I'm special. Source for sqwebmail is courier
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-11 10:45:15 UTC (rev 4949)
+++ data/CVE/list 2006-11-11 10:50:50 UTC (rev 4950)
@@ -25021,7 +25021,7 @@
CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
NOT-FOR-US: bBlog
CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...)
- - sqwebmail <unfixed> (bug #307575; medium)
+ - courier <unfixed> (bug #307575; medium)
NOTE: Upstream explanation looks wrong, not all code paths perform escaping.
NOTE: Sarge and Woody are affected
CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)
More information about the Secure-testing-commits
mailing list