thr3ads.net - Secure testing commits - [Secure-testing-commits] r11829

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-May-07 10:28 UTC

[Secure-testing-commits] r11829 - data/CVE

Author: derevko-guest
Date: 2009-05-07 10:28:47 +0000 (Thu, 07 May 2009)
New Revision: 11829

Modified:
   data/CVE/list
Log:
NFUs
CVE-2009-1490: sendmail vulnerable versions too old


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-07 09:14:15 UTC (rev 11828)
+++ data/CVE/list	2009-05-07 10:28:47 UTC (rev 11829)
@@ -188,9 +188,9 @@
 CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe Reader
and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-1491 (McAfee GroupShield for Microsoft Exchange on Exchange Server
2000, and ...)
-	TODO: check
+	NOT-FOR-US: McAfee GroupShield for Microsoft Exchange
 CVE-2009-1490 (Heap-based buffer overflow in Sendmail before 8.13.2 allows
remote ...)
-	TODO: check
+	- sendmail <not-affected> (Vulnerable versions too old)
 CVE-2009-XXXX [samba: Account locking out doesnt work with an LDAP backend]
 	- samba 2:3.2.6 (bug #514151)
 	[lenny] - samba 2:3.2.5-4lenny1
@@ -258,11 +258,11 @@
 CVE-2009-1470
 	RESERVED
 CVE-2009-1469 (CRLF injection vulnerability in the Forgot Password
implementation in ...)
-	TODO: check
+	NOT-FOR-US: IceWarp
 CVE-2009-1468 (Multiple SQL injection vulnerabilities in the search form in
...)
-	TODO: check
+	NOT-FOR-US: IceWarp
 CVE-2009-1467 (Multiple cross-site scripting (XSS) vulnerabilities in IceWarp
eMail ...)
-	TODO: check
+	NOT-FOR-US: IceWarp
 CVE-2009-1466
 	RESERVED
 CVE-2009-1465

Nico Golde

2009-May-07 10:35 UTC

head link

[Secure-testing-commits] r11829 - data/CVE

Hi,
* Giuseppe Iuculano <derevko-guest at alioth.debian.org> [2009-05-07
12:34]:> Author: derevko-guest
> Date: 2009-05-07 10:28:47 +0000 (Thu, 07 May 2009)
> New Revision: 11829
> 
> Modified:
>    data/CVE/list
> Log:
> NFUs
> CVE-2009-1490: sendmail vulnerable versions too old
> 
> 
> Modified: data/CVE/list
> ==================================================================> ---
data/CVE/list	2009-05-07 09:14:15 UTC (rev 11828)
> +++ data/CVE/list	2009-05-07 10:28:47 UTC (rev 11829)
> @@ -188,9 +188,9 @@
>  CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe
Reader and ...)
>  	NOT-FOR-US: Adobe Reader
>  CVE-2009-1491 (McAfee GroupShield for Microsoft Exchange on Exchange
Server 2000, and ...)
> -	TODO: check
> +	NOT-FOR-US: McAfee GroupShield for Microsoft Exchange
>  CVE-2009-1490 (Heap-based buffer overflow in Sendmail before 8.13.2 allows
remote ...)
> -	TODO: check
> +	- sendmail <not-affected> (Vulnerable versions too old)
If the version which had this bug was way older, please 
fill in the version that fixes it instead of marking it as 
not-affected.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL:
<http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20090507/2ea4bd53/attachment.pgp>

Secure testing commits - May 2009 - r11829 - data/CVE

[Secure-testing-commits] r11829 - data/CVE

[Secure-testing-commits] r11829 - data/CVE