[Secure-testing-commits] r6956 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sun Oct 14 20:45:41 UTC 2007 

Author: nion
Date: 2007-10-14 20:45:41 +0000 (Sun, 14 Oct 2007)
New Revision: 6956

Modified:
   data/CVE/list
Log:
added TODOs for alpine


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-14 20:44:27 UTC (rev 6955)
+++ data/CVE/list	2007-10-14 20:45:41 UTC (rev 6956)
@@ -34270,6 +34270,7 @@
 	- uw-imap 7:2002edebian1-12 (medium; bug #332215)
 	- pine 4.64-1 (medium; bug #348407)
 	[sarge] - pine <no-dsa> (pine is non-free; doesn't permit distribution of modified binaries)
+	TODO: check alpine
 CVE-2005-2932 (Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, ...)
 	NOT-FOR-US: Check Point Zone Labs ZoneAlarm
 CVE-2005-2931 (Format string vulnerability in the SMTP service in IMail Server 8.20 ...)
@@ -37827,6 +37828,7 @@
 	- pine 4.62-1 (low)
 	NOTE: checked listed version, and it didn't have the problem
 	NOTE: non-free
+	TODO: check alpine
 CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: CGIForum
 CVE-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 ...)
@@ -41656,6 +41658,7 @@
 CVE-2005-1066 (Race condition in rpdump in Pine 4.62 and earlier allows local users ...)
 	- pine 4.63-1 (unimportant)
 	NOTE: Not shipped in the binary package
+	TODO: check alpine
 CVE-2005-1065 (tetex in Novell Linux Desktop 9 allows local users to determine the ...)
 	- tetex-base <not-affected> (/var/cache/fonts is not writable by normal users in Debian)
 CVE-2005-1064 (The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 ...)
@@ -49133,8 +49136,10 @@
 	NOT-FOR-US: solaris
 CVE-2003-0721 (Integer signedness error in rfc2231_get_param from strings.c in PINE ...)
 	- pine 4.58
+	TODO: check alpine
 CVE-2003-0720 (Buffer overflow in PINE before 4.58 allows remote attackers to execute ...)
 	- pine 4.58
+	TODO: check alpine
 CVE-2003-0719 (Buffer overflow in the Private Communications Transport (PCT) protocol ...)
 	NOT-FOR-US: microsoft
 CVE-2003-0718 (The WebDAV Message Handler for Internet Information Services (IIS) ...)

More information about the Secure-testing-commits mailing list