[Secure-testing-commits] r18233 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jan 20 17:20:24 UTC 2012 

Author: jmm
Date: 2012-01-20 17:20:24 +0000 (Fri, 20 Jan 2012)
New Revision: 18233

Modified:
   data/CVE/list
Log:
citadel fixed
three older otrs issues unimportant after consultation with upstream


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-20 17:13:06 UTC (rev 18232)
+++ data/CVE/list	2012-01-20 17:20:24 UTC (rev 18233)
@@ -11183,7 +11183,7 @@
 	NOTE: DJabberd
 CVE-2011-1756 (modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly ...)
 	{DSA-2250-1}
-	- citadel <unfixed> (medium)
+	- citadel 8.04-1 (medium)
 CVE-2011-1755 (jabberd2 before 2.2.14 does not properly detect recursion during ...)
 	- jabberd2 2.2.8-2.1 (medium)
 CVE-2011-1754 (jabberd14 1.6.1.1 and earlier does not properly detect recursion ...)
@@ -12145,7 +12145,7 @@
 	- webkit <not-affected> (chromium specific)
 CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open ...)
 	- otrs2 3.0.8+dfsg1-1
-	TODO: check, whether otrs2 is really affected
+	NOTE: Negligable security impact
 CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly ...)
 	- otrs2 2.4.5-1 (low)
 	[lenny] - otrs2 <no-dsa> (Minor issue)
@@ -12162,15 +12162,14 @@
 	- otrs2 2.4.10+dfsg1-1 (unimportant)
 	NOTE: Marginal security impact, standard bug
 CVE-2010-4763 (The ACL-customer-status Ticket Type setting in Open Ticket Request ...)
-	- otrs2 3.0.8+dfsg1-1
-	TODO: check, whether otrs2 is really affected
+	- otrs2 3.0.8+dfsg1-1 (unimportant)
+	NOTE: Negligable security impact
 CVE-2010-4762 (Cross-site scripting (XSS) vulnerability in the rich-text-editor ...)
-	- otrs2 3.0.8+dfsg1-1
-	TODO: check, whether otrs2 is really affected
+	- otrs2 3.0.8+dfsg1-1 (unimportant)
+	NOTE: Negligable security impact
 CVE-2010-4761 (The customer-interface ticket-print dialog in Open Ticket Request ...)
 	- otrs2 3.0.8+dfsg1-1 (unimportant)
 	NOTE: Marginal security impact, standard bug
-	TODO: check, whether otrs2 is really affected
 CVE-2010-4760 (Open Ticket Request System (OTRS) before 3.0.0-beta6 adds ...)
 	- otrs2 3.0.8+dfsg1-1 (unimportant)
 	NOTE: No security impact, feature enhancement

More information about the Secure-testing-commits mailing list