thijs at alioth.debian.org
2008-Mar-15 23:32 UTC
[Secure-testing-commits] r8339 - in data: CVE DSA
Author: thijs
Date: 2008-03-15 23:32:50 +0000 (Sat, 15 Mar 2008)
New Revision: 8339
Modified:
data/CVE/list
data/DSA/list
Log:
horde3 fixed in sid/etch/sarge
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-15 22:18:43 UTC (rev 8338)
+++ data/CVE/list 2008-03-15 23:32:50 UTC (rev 8339)
@@ -9,7 +9,7 @@
CVE-2008-1285 (Cross-site scripting (XSS) vulnerability in Sun Java Server
Faces ...)
NOT-FOR-US: Sun Java Server Faces
CVE-2008-1284 (Directory traversal vulnerability in Horde 3.1.6, Groupware
before ...)
- - horde3 <unfixed> (medium; bug #470640)
+ - horde3 3.1.7-1 (medium; bug #470640)
CVE-2008-1283 (Cross-site scripting (XSS) vulnerability in Neptune Web Server
3.0 ...)
NOT-FOR-US: Neptune Web Server
CVE-2008-1282 (Buffer overflow in the BFup ActiveX control (BFup.dll) in
B21Soft BFup ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-03-15 22:18:43 UTC (rev 8338)
+++ data/DSA/list 2008-03-15 23:32:50 UTC (rev 8339)
@@ -1,3 +1,7 @@
+[15 Mar 2008] DSA-1519-1 horde3 - information disclosure
+ {CVE-2008-1284}
+ [sarge] - horde3 3.0.4-4sarge7
+ [etch] - horde3 3.1.3-4etch3
[15 Mar 2008] DSA-1518-1 backup-manager - information disclosure
{CVE-2007-4656}
[sarge] - backup-manager 0.5.7-1sarge2