[Secure-testing-commits] r7783 - data/CVE

thijs at alioth.debian.org thijs at alioth.debian.org
Wed Jan 2 09:00:11 UTC 2008


Author: thijs
Date: 2008-01-02 09:00:09 +0000 (Wed, 02 Jan 2008)
New Revision: 7783

Modified:
   data/CVE/list
Log:
dovecot "issues" also regarded as nonissues by Mitre, will not
get CVE's assigned so no use leaving them here.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-01 21:15:38 UTC (rev 7782)
+++ data/CVE/list	2008-01-02 09:00:09 UTC (rev 7783)
@@ -79,14 +79,6 @@
 	[sarge] - dovecot <not-affected> (Vulnerable code not present)
 	NOTE: http://dovecot.org/list/dovecot-news/2007-December/000057.html
 	NOTE: low, because issue is only with quite rare configurations
-	NOTE: CVE id requested
-CVE-2007-XXXX [dovecot LDAP infinite loop]
-	- dovecot 1:1.0.10-1 (unimportant)
-	NOTE: Can only be triggered by an attacker being able to disconnect,
-	NOTE: not by normal users, fixed in 1.0.10
-CVE-2007-XXXX [uidlist crash]
-	- dovecot 1:1.0.10-1 (unimportant)
-	NOTE: Only terminates a single connection, no security impact, fixed in 1.0.10
 CVE-2007-XXXX [mongrel remote arbitrary file disclosure]
 	- mongrel 1.1.3-1 (medium)
 	NOTE: CVE id requested




More information about the Secure-testing-commits mailing list