[Secure-testing-commits] r14026 - data/CVE
Nico Golde
nion at alioth.debian.org
Thu Feb 4 13:05:19 UTC 2010
Author: nion
Date: 2010-02-04 13:05:15 +0000 (Thu, 04 Feb 2010)
New Revision: 14026
Modified:
data/CVE/list
Log:
- fetchmail heap overflow fixed in 6.3.13-2
- cveified and verified CVE-2010-0305 (ejabberd)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-04 12:09:19 UTC (rev 14025)
+++ data/CVE/list 2010-02-04 13:05:15 UTC (rev 14026)
@@ -1,7 +1,7 @@
-CVE-2010-XXXX [ejabberd DoS via "c2s" messages]
- - ejabberd <unfixed>
- NOTE: https://support.process-one.net/browse/EJAB-1173
- TODO: check
+CVE-2010-XXXX [fetchmail heap overflow]
+ - fetchmail 6.3.13-2 (low)
+ NOTE: the conditions so that this is exploitable are rather obscure
+ NOTE: CVE id requested by upstream on oss-sec
CVE-2010-XXXX [moinmoin unspecified issue]
- moin <unfixed>
NOTE: http://moinmo.in/SecurityFixes
@@ -498,8 +498,10 @@
RESERVED
CVE-2010-0306
RESERVED
-CVE-2010-0305
+CVE-2010-0305 [ejabberd DoS via "c2s" messages]
RESERVED
+ - ejabberd <unfixed> (medium; bug #568383)
+ NOTE: https://support.process-one.net/browse/EJAB-1173
CVE-2010-0304 [wireshark LWRES issue]
RESERVED
{DSA-1983-1}
More information about the Secure-testing-commits
mailing list