[Secure-testing-commits] r12869 - in data: . CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Tue Sep 22 18:31:47 UTC 2009
Author: derevko-guest
Date: 2009-09-22 18:31:46 +0000 (Tue, 22 Sep 2009)
New Revision: 12869
Modified:
data/CVE/list
data/ospu-candidates.txt
data/spu-candidates.txt
Log:
- spu notifications
- CVE-2009-3235 is a different vulnerability than CVE-2009-2632
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-22 09:14:19 UTC (rev 12868)
+++ data/CVE/list 2009-09-22 18:31:46 UTC (rev 12869)
@@ -74,7 +74,10 @@
CVE-2009-3237 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
TODO: check
CVE-2009-3235 (Multiple stack-based buffer overflows in the Sieve plugin in Dovecot ...)
+ - cyrus-imapd-2.2 <unfixed> (medium; bug #547947)
+ - kolab-cyrus-imapd <unfixed> (medium; bug #547712)
- dovecot 1:1.2.1-1 (medium; bug #546656)
+ NOTE: This is a different vulnerability than CVE-2009-2632, it covers a few additional buffer overflows
CVE-2009-3228
RESERVED
CVE-2005-4881
@@ -2386,10 +2389,8 @@
CVE-2009-2632 (Buffer overflow in the SIEVE script component (sieve/script.c), as ...)
{DSA-1881-1}
- cyrus-imapd-2.2 2.2.13-15 (medium)
- - kolab-cyrus-imapd (medium; bug #547712)
- - dovecot 1:1.2.1-1 (medium)
- NOTE: the CVE-2009-3235 text for dovecot says that that is a different issues,
- NOTE: but the advisories and code changes are the same as for this CVE
+ - kolab-cyrus-imapd <unfixed> (medium; bug #547712)
+ - dovecot 1:1.2.1-1 (medium; bug #546656)
CVE-2009-2631
RESERVED
CVE-2009-2630
Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt 2009-09-22 09:14:19 UTC (rev 12868)
+++ data/ospu-candidates.txt 2009-09-22 18:31:46 UTC (rev 12869)
@@ -573,6 +573,11 @@
--
+rails (CVE-2009-3086)
+bug #545063
+
+--
+
rancid (CVE-2008-4979)
#496426
notified maintainer
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-09-22 09:14:19 UTC (rev 12868)
+++ data/spu-candidates.txt 2009-09-22 18:31:46 UTC (rev 12869)
@@ -70,6 +70,7 @@
gupnp (CVE-2009-2174)
#534594
+notified maintainer
--
@@ -231,6 +232,11 @@
--
+rails (CVE-2009-3086)
+bug #545063
+
+--
+
slim (CVE-2009-1756)
bug #529306
Maintainer notified through followup in #529306
More information about the Secure-testing-commits
mailing list