[Secure-testing-commits] r4869 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Oct 22 20:18:03 UTC 2006


Author: jmm-guest
Date: 2006-10-22 20:18:02 +0000 (Sun, 22 Oct 2006)
New Revision: 4869

Modified:
   data/CVE/list
Log:
uw-imap unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-21 22:13:37 UTC (rev 4868)
+++ data/CVE/list	2006-10-22 20:18:02 UTC (rev 4869)
@@ -6236,7 +6236,7 @@
 	NOTE: The Windows clipboard is a public resource anyway.
 CVE-2006-2611 (Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in ...)
 	- mediawiki1.7 <not-affected> (Fixed in 1.7 prior to release)
-	- mediawiki1.5 <unfixed>
+	- mediawiki1.5 <unfixed> (bug #394568)
 CVE-2006-2610 (Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 ...)
 	NOT-FOR-US: phpRaid
 CVE-2006-2609 (artmedic newsletter 4.1.2 and possibly other versions, when ...)
@@ -21345,8 +21345,10 @@
 CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...)
 	NOT-FOR-US: Novell NetMail
 CVE-2002-1782 (The default configuration of University of Washington IMAP daemon ...)
-	- uw-imap <unfixed> (bug #315499; low)
-	[sarge] - uw-imap <no-dsa> (Documented shortcoming, under admin control)
+	- uw-imap <unfixed> (bug #315499; unimportant)
+	NOTE: This only applies to very exotic setups. It's also documented in the FAQ
+	NOTE: and if someone has such a setup she will have to recompile the package with
+	NOTE: the security features enabled.
 CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)
 	NOT-FOR-US: DeleGate
 CVE-2002-1780 (BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a ...)




More information about the Secure-testing-commits mailing list