[Secure-testing-commits] r11895 - data/CVE

Nico Golde nion at alioth.debian.org
Wed May 13 22:30:27 UTC 2009


Author: nion
Date: 2009-05-13 22:30:27 +0000 (Wed, 13 May 2009)
New Revision: 11895

Modified:
   data/CVE/list
Log:
add squirrelmail impacts and patch information

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-13 21:14:14 UTC (rev 11894)
+++ data/CVE/list	2009-05-13 22:30:27 UTC (rev 11895)
@@ -138,16 +138,21 @@
 	- system-tools-backends <unfixed> (low; bug #527952)
 CVE-2009-1581 [SquirrelMail CSS positioning]
 	RESERVED
-	- squirrelmail 2:1.4.18-1 (bug #528528)
+	- squirrelmail 2:1.4.18-1 (low; bug #528528)
+	NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13667
 CVE-2009-1580 [SquirrelMail session fixation]
 	RESERVED
-	- squirrelmail 2:1.4.18-1 (bug #528528)
+	- squirrelmail 2:1.4.18-1 (low; bug #528528)
+	NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13676
 CVE-2009-1579 [Squirrelmail map_yp_alias code injection]
 	RESERVED
-	- squirrelmail 2:1.4.18-1 (bug #528528)
+	- squirrelmail 2:1.4.18-1 (medium; bug #528528)
+	NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13674
+	NOTE: doesn't affect every setup
 CVE-2009-1578 [SquirrelMail XSS]
 	RESERVED
-	- squirrelmail 2:1.4.18-1 (bug #528528)
+	- squirrelmail 2:1.4.18-1 (low; bug #528528)
+	NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13670
 CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function in ...)
 	- cscope 15.6-1
 CVE-2009-1576 (Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before ...)




More information about the Secure-testing-commits mailing list