[Secure-testing-commits] r11147 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Wed Feb 4 23:21:43 UTC 2009
Author: white
Date: 2009-02-04 23:21:43 +0000 (Wed, 04 Feb 2009)
New Revision: 11147
Modified:
data/CVE/list
Log:
Newer roundcube is in experimental, so mark the issue accordingly
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-04 23:08:00 UTC (rev 11146)
+++ data/CVE/list 2009-02-04 23:21:43 UTC (rev 11147)
@@ -6,8 +6,9 @@
- trickle <unfixed> (bug #513456; low)
[etch] - trickle <no-dsa> (Minor issue)
CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail ...)
- - roundcube <not-affected> (Vulnerable code not present)
- NOTE: Seems to affect versions 0.2, but debian only has 0.1 packaged at the moment
+ - roundcube <unfixed> (low; bug #514179)
+ [lenny] - roundcube <not-affected> (Vulnerable code not present)
+ NOTE: Seems to affect version 0.2, which is only in experimental
CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping ...)
NOT-FOR-US: Interspire Shopping Cart
CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...)
More information about the Secure-testing-commits
mailing list