[Secure-testing-commits] r10375 - in data: CVE DTSA

nion at alioth.debian.org nion at alioth.debian.org
Wed Nov 12 15:10:15 UTC 2008 

Author: nion
Date: 2008-11-12 15:10:15 +0000 (Wed, 12 Nov 2008)
New Revision: 10375

Modified:
   data/CVE/list
   data/DTSA/list
Log:
cveified uw-imap, CVE-2008-5006 also fixed in 7:2007d~dfsg-1

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-12 14:50:24 UTC (rev 10374)
+++ data/CVE/list	2008-11-12 15:10:15 UTC (rev 10375)
@@ -22,9 +22,11 @@
 CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or ...)
 	TODO: check
 CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP ...)
-	TODO: check
+	- uw-imap 7:2007d~dfsg-1
 CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...)
-	TODO: check
+	[lenny] - uw-imap 2007b~dfsg-4+lenny1
+	- uw-imap 7:2007d~dfsg-1
+	- alpine <not-affected> (vulnerable code present but tmail/dmail wont be installed)
 CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...)
 	NOT-FOR-US: myWebland Bloggie Lite
 CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote ...)
@@ -403,11 +405,6 @@
 	NOT-FOR-US: Simple PHP Scripts gallery
 CVE-2008-4802 (Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP ...)
 	NOT-FOR-US: Simple PHP Scripts blog
-CVE-2008-XXXX [buffer overflow via large mailbox in dmail/tmail of uw-imap]
-	[lenny] - uw-imap 2007b~dfsg-4+lenny1
-	- uw-imap 7:2007d~dfsg-1
-	- alpine <not-affected> (vulnerable code present but tmail/dmail wont be installed)
-	NOTE: CVE id requested on oss-sec
 CVE-2008-XXXX [ktorrent issues]
 	- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
 	- ktorrent <unfixed>

Modified: data/DTSA/list
===================================================================
--- data/DTSA/list	2008-11-12 14:50:24 UTC (rev 10374)
+++ data/DTSA/list	2008-11-12 15:10:15 UTC (rev 10375)
@@ -515,6 +515,7 @@
 	{CVE-2008-1804}
 	[lenny] - snort 2.7.0-19+lenny1
 [November 5th, 2008] DTSA-174-1 uw-imap - buffer overflow
+	{CVE-2008-5006 CVE-2008-5005}
 	[lenny] - uw-imap 2007b~dfsg-4+lenny1
 [November 5th, 2008] DTSA-175-1 vlc - integer overflows
 	{CVE-2008-4686}

More information about the Secure-testing-commits mailing list