[Secure-testing-commits] r6863 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Mon Oct 8 10:04:08 UTC 2007


Author: nion
Date: 2007-10-08 10:04:08 +0000 (Mon, 08 Oct 2007)
New Revision: 6863

Modified:
   data/CVE/list
Log:
CVE-2005-4368 roundcube not affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-08 09:42:56 UTC (rev 6862)
+++ data/CVE/list	2007-10-08 10:04:08 UTC (rev 6863)
@@ -29538,8 +29538,7 @@
 CVE-2005-4369 (Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows ...)
 	NOT-FOR-US: Acuity CMS
 CVE-2005-4368 (roundcube webmail Alpha, with a default high verbose level ...)
-	TODO: check
-	NOTE: roundcube is in debian now, need to retoractively check
+	- roundcube <not-affected> (Quotes are stripped now and if the task can't be found there is a default of mail)
 CVE-2005-4367 (Cross-site scripting (XSS) vulnerability in register_domain.php in ...)
 	NOT-FOR-US: DRZES HMS
 CVE-2005-4366 (Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote ...)




More information about the Secure-testing-commits mailing list