[Secure-testing-commits] r12864 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Mon Sep 21 19:21:19 UTC 2009


Author: gilbert-guest
Date: 2009-09-21 19:21:19 +0000 (Mon, 21 Sep 2009)
New Revision: 12864

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
dovecot in etch/lenny also affected by cyrus code copy
- note that cve text says > 1.0.4 fixed, but i've checked lenny's 1.0.15
  and its code is still vulnerable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-21 18:51:28 UTC (rev 12863)
+++ data/CVE/list	2009-09-21 19:21:19 UTC (rev 12864)
@@ -2330,6 +2330,7 @@
 	{DSA-1881-1}
 	- cyrus-imapd-2.2 2.2.13-15 (medium)
 	- kolab-cyrus-imapd (medium; bug #547712)
+	- dovecot 1.2.1-1 (medium)
 CVE-2009-2631
 	RESERVED
 CVE-2009-2630

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2009-09-21 18:51:28 UTC (rev 12863)
+++ data/embedded-code-copies	2009-09-21 19:21:19 UTC (rev 12864)
@@ -938,5 +938,6 @@
 	- texlive-bin <unfixed> (fork)
 	NOTE: texlive upstream working with icu upstream to merge their changes
 
-cyrus
+cyrus-imapd-2.2
 	- kolab-cyrus-imapd <unfixed> (fork)
+	- dovecot 1:1.2.1-1 (embed) [/dovecot-sieve/src/libsieve/*]




More information about the Secure-testing-commits mailing list