Author: nion Date: 2007-10-14 20:45:41 +0000 (Sun, 14 Oct 2007) New Revision: 6956 Modified: data/CVE/list Log: added TODOs for alpine Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-14 20:44:27 UTC (rev 6955) +++ data/CVE/list 2007-10-14 20:45:41 UTC (rev 6956) @@ -34270,6 +34270,7 @@ - uw-imap 7:2002edebian1-12 (medium; bug #332215) - pine 4.64-1 (medium; bug #348407) [sarge] - pine <no-dsa> (pine is non-free; doesn''t permit distribution of modified binaries) + TODO: check alpine CVE-2005-2932 (Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, ...) NOT-FOR-US: Check Point Zone Labs ZoneAlarm CVE-2005-2931 (Format string vulnerability in the SMTP service in IMail Server 8.20 ...) @@ -37827,6 +37828,7 @@ - pine 4.62-1 (low) NOTE: checked listed version, and it didn''t have the problem NOTE: non-free + TODO: check alpine CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...) NOT-FOR-US: CGIForum CVE-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 ...) @@ -41656,6 +41658,7 @@ CVE-2005-1066 (Race condition in rpdump in Pine 4.62 and earlier allows local users ...) - pine 4.63-1 (unimportant) NOTE: Not shipped in the binary package + TODO: check alpine CVE-2005-1065 (tetex in Novell Linux Desktop 9 allows local users to determine the ...) - tetex-base <not-affected> (/var/cache/fonts is not writable by normal users in Debian) CVE-2005-1064 (The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 ...) @@ -49133,8 +49136,10 @@ NOT-FOR-US: solaris CVE-2003-0721 (Integer signedness error in rfc2231_get_param from strings.c in PINE ...) - pine 4.58 + TODO: check alpine CVE-2003-0720 (Buffer overflow in PINE before 4.58 allows remote attackers to execute ...) - pine 4.58 + TODO: check alpine CVE-2003-0719 (Buffer overflow in the Private Communications Transport (PCT) protocol ...) NOT-FOR-US: microsoft CVE-2003-0718 (The WebDAV Message Handler for Internet Information Services (IIS) ...)