thijs at alioth.debian.org
2008-Mar-24 10:59 UTC
[Secure-testing-commits] r8393 - data/CVE
Author: thijs Date: 2008-03-24 10:59:34 +0000 (Mon, 24 Mar 2008) New Revision: 8393 Modified: data/CVE/list Log: otrs issue not relevant for sarge/etch requested CVE id for serendipity XSS Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-03-23 13:34:03 UTC (rev 8392) +++ data/CVE/list 2008-03-24 10:59:34 UTC (rev 8393) @@ -1,3 +1,7 @@ +CVE-2008-XXXX [Serendipity XSS in trackbacks] + - serendipity 1.3-1 + NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html + NOTE: CVE id requested CVE-2008-XXXX [multiple security issues in kses as used in egroupware] - egroupware 1.4.002.dfsg-2.1 (bug #471839) CVE-2008-XXXX [OTRS osa-2008-01] @@ -2,4 +6,6 @@ - otrs2 2.2.5-2 + [etch] - otrs2 <not-affected> (Vulnerable code not present) + [etch] - otrs <not-affected> (Vulnerable code not present) + [sarge] - otrs <not-affected> (Vulnerable code not present) NOTE: http://packages.qa.debian.org/o/otrs2/news/20080320T211729Z.html - NOTE: maintainer claims sarge/etch unaffected but details lacking CVE-2008-XXXX [unspecified egroupware security issue]