[Secure-testing-commits] r8393 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Mon Mar 24 10:59:36 UTC 2008
Author: thijs
Date: 2008-03-24 10:59:34 +0000 (Mon, 24 Mar 2008)
New Revision: 8393
Modified:
data/CVE/list
Log:
otrs issue not relevant for sarge/etch
requested CVE id for serendipity XSS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-23 13:34:03 UTC (rev 8392)
+++ data/CVE/list 2008-03-24 10:59:34 UTC (rev 8393)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [Serendipity XSS in trackbacks]
+ - serendipity 1.3-1
+ NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
+ NOTE: CVE id requested
CVE-2008-XXXX [multiple security issues in kses as used in egroupware]
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
CVE-2008-XXXX [OTRS osa-2008-01]
@@ -2,4 +6,6 @@
- otrs2 2.2.5-2
+ [etch] - otrs2 <not-affected> (Vulnerable code not present)
+ [etch] - otrs <not-affected> (Vulnerable code not present)
+ [sarge] - otrs <not-affected> (Vulnerable code not present)
NOTE: http://packages.qa.debian.org/o/otrs2/news/20080320T211729Z.html
- NOTE: maintainer claims sarge/etch unaffected but details lacking
CVE-2008-XXXX [unspecified egroupware security issue]
More information about the Secure-testing-commits
mailing list