[Secure-testing-commits] r10551 - in data: . CVE
white at alioth.debian.org
white at alioth.debian.org
Sun Nov 30 08:47:08 UTC 2008
Author: white
Date: 2008-11-30 08:47:08 +0000 (Sun, 30 Nov 2008)
New Revision: 10551
Modified:
data/CVE/list
data/spu-candidates.txt
Log:
Mark horde3 XSS with no-dsa; use no-das as well and document dup
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-30 08:34:35 UTC (rev 10550)
+++ data/CVE/list 2008-11-30 08:47:08 UTC (rev 10551)
@@ -3908,6 +3908,7 @@
- horde3 3.2.1+debian0-1 (low; bug #495332)
- turba2 2.2.1-1
[etch] - turba2 <not-affected> (Vulnerable code not present)
+ [etch] - horde3 <no-dsa> (Minor issue, dup of CVE-2008-3330)
NOTE: this is actually two issues:
NOTE: - one a dup of CVE-2008-3330 in horde3
NOTE: - another an issue in turba2
@@ -4923,7 +4924,7 @@
- horde3 3.2.1+debian0-1 (low; bug #492578)
- turba2 2.2.1-1 (low)
[etch] - turba2 <not-affected> (only version 2.2 contains vulnerable code, etch has 2.1)
- TODO: <confirm> tag
+ [etch] - horde3 <no-dsa> (Minor issue)
CVE-2008-3325 (Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before ...)
- moodle 1.8.1-1 (low)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101405
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2008-11-30 08:34:35 UTC (rev 10550)
+++ data/spu-candidates.txt 2008-11-30 08:47:08 UTC (rev 10551)
@@ -201,6 +201,11 @@
--
+horde3 (CVE-2008-3330)
+#495332
+
+--
+
hplip (CVE-2008-2940/CVE-2008-2941)
#499842
notified maintainer
More information about the Secure-testing-commits
mailing list