[Secure-testing-commits] r14070 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Tue Feb 9 23:20:30 UTC 2010
Author: jmm-guest
Date: 2010-02-09 23:20:28 +0000 (Tue, 09 Feb 2010)
New Revision: 14070
Modified:
data/CVE/list
Log:
fetchmail CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-09 23:18:50 UTC (rev 14069)
+++ data/CVE/list 2010-02-09 23:20:28 UTC (rev 14070)
@@ -1,7 +1,8 @@
CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application ...)
TODO: check
CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...)
- TODO: check
+ - fetchmail 6.3.13-2 (low)
+ NOTE: the conditions so that this is exploitable are rather obscure
CVE-2010-0561 (Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before ...)
TODO: check
CVE-2010-0560 (Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, ...)
@@ -230,10 +231,6 @@
CVE-2010-XXXX [browser javascript document.write denial-of-service]
- xulrunner <unfixed> (unimportant; bug #568486)
- webkit <unfixed> (unimportant; bug #568485)
-CVE-2010-XXXX [fetchmail heap overflow]
- - fetchmail 6.3.13-2 (low)
- NOTE: the conditions so that this is exploitable are rather obscure
- NOTE: CVE id requested by upstream on oss-sec
CVE-2010-XXXX [moinmoin unspecified issue]
- moin <unfixed>
NOTE: http://moinmo.in/SecurityFixes
More information about the Secure-testing-commits
mailing list