[Secure-testing-commits] r17383 - in data: CVE DSA
Nico Golde
nion at alioth.debian.org
Thu Oct 6 20:19:23 UTC 2011
Author: nion
Date: 2011-10-06 20:19:22 +0000 (Thu, 06 Oct 2011)
New Revision: 17383
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-2318-1 (cyrus-imapd-2.2)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-06 15:58:01 UTC (rev 17382)
+++ data/CVE/list 2011-10-06 20:19:22 UTC (rev 17383)
@@ -1427,6 +1427,11 @@
RESERVED
CVE-2011-3372
RESERVED
+ - cyrus-imapd-2.2 2.4.11-1 (medium)
+ - cyrus-imapd-2.4 2.4.11-1 (medium)
+ - kolab-cyrus-imapd <unfixed> (medium)
+ TODO: file bug for kolab-cyrus-imapd
+ NOTE: medium because it allows to exploit CVE-2011-3208 unauthenticated
CVE-2011-3371 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2011-3370
@@ -1837,7 +1842,7 @@
CVE-2011-3209
RESERVED
CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c ...)
- - cyrus-imapd-2.2 <unfixed> (medium)
+ - cyrus-imapd-2.2 2.4.11-1 (medium)
- cyrus-imapd-2.4 2.4.11-1 (medium)
- kolab-cyrus-imapd <unfixed> (medium)
TODO: file bug for kolab-cyrus-imapd
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2011-10-06 15:58:01 UTC (rev 17382)
+++ data/DSA/list 2011-10-06 20:19:22 UTC (rev 17383)
@@ -1,3 +1,7 @@
+[06 Oct 2011] DSA-2318-1 cyrus-imapd-2.2 - several
+ {CVE-2011-3372 CVE-2011-3208}
+ [squeeze] - cyrus-imapd-2.2 2.2.13-19+squeeze2
+ [lenny] - cyrus-imapd-2.2 2.2.13-14+lenny5
[05 Oct 2011] DSA-2317-1 icedove - several
{CVE-2011-2372 CVE-2011-2995 CVE-2011-2998 CVE-2011-2999 CVE-2011-3000 }
[squeeze] - icedove 3.0.11-1+squeeze5
More information about the Secure-testing-commits
mailing list