[Secure-testing-commits] r13474 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Mon Dec 7 03:10:28 UTC 2009 

Author: gilbert-guest
Date: 2009-12-07 03:10:28 +0000 (Mon, 07 Dec 2009)
New Revision: 13474

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
info for dovecot and libgadu issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-07 03:10:14 UTC (rev 13473)
+++ data/CVE/list	2009-12-07 03:10:28 UTC (rev 13474)
@@ -16177,8 +16177,9 @@
 CVE-2008-4879 (SQL injection vulnerability in prod.php in Maran PHP Shop allows ...)
 	NOT-FOR-US: Maran PHP Shop
 CVE-2008-4907 (The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the ...)
-	- dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
-	TODO: check again if >= 1.1.4 gets uploaded
+	- dovecot 1:1.1.7-1 (low)
+	[etch] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
+	[lenny] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
 CVE-2008-5186 (** DISPUTED ** ...)
 	{DTSA-179-1}
 	- geshi 1.0.8.1-1 (unimportant; bug #504445)
@@ -16477,7 +16478,8 @@
 	- libgadu 1:1.8.0+r592-3 (low; bug #503916)
 	- kadu 0.6.0.2-3 (low; bug #504429)
 	- ekg 1:1.8~rc0-1 (low)
-	TODO: check other embedding packages
+	- centerim <unfixed> (low; bug #559782)
+	- qutecom <unfixed> (low; bug #559784)
 CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...)
 	{DSA-1871-2 DSA-1871-1}
 	- wordpress 2.5.1-1

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2009-12-07 03:10:14 UTC (rev 13473)
+++ data/embedded-code-copies	2009-12-07 03:10:28 UTC (rev 13474)
@@ -141,7 +141,7 @@
 	- dpkg <unfixed> (static)
 
 libgadu
-	- centericq <unfixed> (embed)
+	- centerim <unfixed> (embed; bug #559783)
 	- pidgin <not-affected> (links dynamically since initial release; fixed in gaim)
 	- gaim 1:2.0.0+beta3-3 (embed; bug #360280)
 	- kdenetwork 4:3.3.2-5 (embed)
@@ -1024,6 +1024,7 @@
 
 pidgin
 	- gaim <removed> (old-version)
+	- qutecom <unfixed> (embed; bug #559785)
 
 icu
 	- webkit 1.0.1-1 (embed; bug #547214)

More information about the Secure-testing-commits mailing list