[Secure-testing-commits] r4757 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Sun Sep 24 15:32:09 UTC 2006
Author: alec-guest
Date: 2006-09-24 15:32:05 +0000 (Sun, 24 Sep 2006)
New Revision: 4757
Modified:
data/CVE/list
Log:
CVE-2005-2350: websieve removed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-09-22 09:14:25 UTC (rev 4756)
+++ data/CVE/list 2006-09-24 15:32:05 UTC (rev 4757)
@@ -20926,7 +20926,7 @@
- zoo 2.10-4 (low; bug #309594)
CVE-2005-2350 [Cross Site Scripting in websieve]
RESERVED
- - websieve <unfixed> (bug #311838; low)
+ - websieve <removed> (bug #311838; low)
NOTE: second half of bug suggets lack of escaping of user data
NOTE: could be used to compromise program somehow
NOTE: that is not covered by the CVE though due to vagueness
More information about the Secure-testing-commits
mailing list