thijs at alioth.debian.org
2008-Mar-04 21:29 UTC
[Secure-testing-commits] r8260 - data/CVE
Author: thijs
Date: 2008-03-04 21:29:55 +0000 (Tue, 04 Mar 2008)
New Revision: 8260
Modified:
data/CVE/list
Log:
am-utils issue cve''ified
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-04 21:14:10 UTC (rev 8259)
+++ data/CVE/list 2008-03-04 21:29:55 UTC (rev 8260)
@@ -106,7 +106,9 @@
CVE-2008-1079
RESERVED
CVE-2008-1078 (expn in the am-utils and net-fs packages for Gentoo, rPath
Linux, and ...)
- TODO: check
+ - am-utils <not-affected> (Affected code not present in the binary
package)
+ NOTE: sendmail includes a copy of the script, which has been fixed since
+ NOTE: several years
CVE-2008-1077 (SQL injection vulnerability in index.php in the Simpleboard ...)
TODO: check
CVE-2008-1076 (Cross-site scripting (XSS) vulnerability in search.php in
Interspire ...)
@@ -728,10 +730,6 @@
NOTE: source package named sword, binary package named diatheke
CVE-2008-0806 (wyrd 1.4.3b allows local users to overwrite arbitrary files via
a ...)
- wyrd 1.4.3b-4 (low; bug #466382)
-CVE-2008-XXXX [am-utils insecure temp file /tmp/expn$$ ]
- - am-utils <not-affected> (Affected code not present in the binary
package)
- NOTE: sendmail includes a copy of the script, which has been fixed since
- NOTE: several years
CVE-2008-0807 (lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x
before ...)
{DSA-1507-1}
- turba2 2.1.7-1 (bug #464058)