Author: neilm Date: 2006-11-11 11:50:50 +0100 (Sat, 11 Nov 2006) New Revision: 4950 Modified: data/CVE/list Log: I''m special. Source for sqwebmail is courier Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-11 10:45:15 UTC (rev 4949) +++ data/CVE/list 2006-11-11 10:50:50 UTC (rev 4950) @@ -25021,7 +25021,7 @@ CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...) NOT-FOR-US: bBlog CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...) - - sqwebmail <unfixed> (bug #307575; medium) + - courier <unfixed> (bug #307575; medium) NOTE: Upstream explanation looks wrong, not all code paths perform escaping. NOTE: Sarge and Woody are affected CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)