[Secure-testing-commits] r15119 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Aug 3 18:12:32 UTC 2010
Author: gilbert-guest
Date: 2010-08-03 18:12:29 +0000 (Tue, 03 Aug 2010)
New Revision: 15119
Modified:
data/CVE/list
data/embedded-code-copies
Log:
some embeds fixed; new ssmtp issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-03 18:12:04 UTC (rev 15118)
+++ data/CVE/list 2010-08-03 18:12:29 UTC (rev 15119)
@@ -1,4 +1,5 @@
CVE-2010-XXXX [Insufficient stripping of CR/LF allows arbitrary IRC command execution]
+ - libpoe-component-irc-perl 6.32+dfsg-1
[lenny] - libpoe-component-irc-perl <no-dsa> (#581194)
CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remote ...)
NOT-FOR-US: sNews CMS
@@ -1283,6 +1284,8 @@
NOT-FOR-US: Opera
CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
NOT-FOR-US: Sleipnir
+CVE-2008-7258 [ssmtp buffer overflow]
+ - ssmtp <unfixed> (bug #591515)
CVE-2008-7257 (CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2010-08-03 18:12:04 UTC (rev 15118)
+++ data/embedded-code-copies 2010-08-03 18:12:29 UTC (rev 15119)
@@ -794,8 +794,8 @@
- exaile 0.2.14+debian-2.1 (embed; bug #555245)
- hobix 0.5~svn20070319-4 (embed; bug #555247)
- zabbix 1.6.6-4 (embed; bug #555250)
- - chora2 <unfixed> (embed; bug #555253)
- - gollem <unfixed> (embed; bug # 555254)
+ - chora2 2.1.1+debian0-1 (embed; bug #555253)
+ - gollem 1.1.1+debian0-1 (embed; bug # 555254)
- jscropperui 1.2.1-1 (embed; bug #555257)
- scriptaculous <not-affected> (uses system prototype.js since initial upload; bug #555260)
- ingo1 1.2.3+debian0-1 (embed; bug #555261)
More information about the Secure-testing-commits
mailing list