[Secure-testing-commits] r37230 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 22 05:16:39 UTC 2015


Author: carnil
Date: 2015-10-22 05:16:39 +0000 (Thu, 22 Oct 2015)
New Revision: 37230

Modified:
   data/CVE/list
Log:
Update cyrus-imapd-2.4 entry

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-10-22 05:05:55 UTC (rev 37229)
+++ data/CVE/list	2015-10-22 05:16:39 UTC (rev 37230)
@@ -1206,7 +1206,8 @@
 	[jessie] - nodejs <not-affected> (Vulnerability not present)
 	NOTE: https://groups.google.com/forum/#!topic/nodejs-sec/fSNEQiuof6I
 CVE-2015-XXXX [urlfetch range handling flaw in Cyrus IMAP]
-	- cyrus-imapd-2.4 2.4.17+nocaldav-2
+	- cyrus-imapd-2.4 <unfixed>
+	NOTE: Patch in 2.4.17+nocaldav-2 incomplete, needs check
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/29/2
 CVE-2015-7383 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
 	NOT-FOR-US: Web Reference Database (aka refbase)




More information about the Secure-testing-commits mailing list