[Secure-testing-commits] r15119 - in data: . CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2010-08-03 18:12:29 +0000 (Tue, 03 Aug 2010)
New Revision: 15119

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
some embeds fixed; new ssmtp issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-03 18:12:04 UTC (rev 15118)
+++ data/CVE/list	2010-08-03 18:12:29 UTC (rev 15119)
@@ -1,4 +1,5 @@
 CVE-2010-XXXX [Insufficient stripping of CR/LF allows arbitrary IRC command execution]
+	- libpoe-component-irc-perl 6.32+dfsg-1
 	[lenny] - libpoe-component-irc-perl <no-dsa> (#581194)
 CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remote ...)
 	NOT-FOR-US: sNews CMS
@@ -1283,6 +1284,8 @@
 	NOT-FOR-US: Opera
 CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
 	NOT-FOR-US: Sleipnir
+CVE-2008-7258 [ssmtp buffer overflow]
+	- ssmtp <unfixed> (bug #591515)
 CVE-2008-7257 (CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliances
 CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-08-03 18:12:04 UTC (rev 15118)
+++ data/embedded-code-copies	2010-08-03 18:12:29 UTC (rev 15119)
@@ -794,8 +794,8 @@
 	- exaile 0.2.14+debian-2.1 (embed; bug #555245)
 	- hobix 0.5~svn20070319-4 (embed; bug #555247)
 	- zabbix 1.6.6-4 (embed; bug #555250)
-	- chora2 <unfixed> (embed; bug #555253)
-	- gollem <unfixed> (embed; bug # 555254)
+	- chora2 2.1.1+debian0-1 (embed; bug #555253)
+	- gollem 1.1.1+debian0-1 (embed; bug # 555254)
 	- jscropperui 1.2.1-1 (embed; bug #555257)
 	- scriptaculous <not-affected> (uses system prototype.js since initial upload; bug #555260)
 	- ingo1 1.2.3+debian0-1 (embed; bug #555261)