thijs at alioth.debian.org
2008-Jan-02 09:00 UTC
[Secure-testing-commits] r7783 - data/CVE
Author: thijs Date: 2008-01-02 09:00:09 +0000 (Wed, 02 Jan 2008) New Revision: 7783 Modified: data/CVE/list Log: dovecot "issues" also regarded as nonissues by Mitre, will not get CVE''s assigned so no use leaving them here. Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-01 21:15:38 UTC (rev 7782) +++ data/CVE/list 2008-01-02 09:00:09 UTC (rev 7783) @@ -79,14 +79,6 @@ [sarge] - dovecot <not-affected> (Vulnerable code not present) NOTE: http://dovecot.org/list/dovecot-news/2007-December/000057.html NOTE: low, because issue is only with quite rare configurations - NOTE: CVE id requested -CVE-2007-XXXX [dovecot LDAP infinite loop] - - dovecot 1:1.0.10-1 (unimportant) - NOTE: Can only be triggered by an attacker being able to disconnect, - NOTE: not by normal users, fixed in 1.0.10 -CVE-2007-XXXX [uidlist crash] - - dovecot 1:1.0.10-1 (unimportant) - NOTE: Only terminates a single connection, no security impact, fixed in 1.0.10 CVE-2007-XXXX [mongrel remote arbitrary file disclosure] - mongrel 1.1.3-1 (medium) NOTE: CVE id requested