Author: jmm-guest Date: 2006-10-22 20:18:02 +0000 (Sun, 22 Oct 2006) New Revision: 4869 Modified: data/CVE/list Log: uw-imap unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-10-21 22:13:37 UTC (rev 4868) +++ data/CVE/list 2006-10-22 20:18:02 UTC (rev 4869) @@ -6236,7 +6236,7 @@ NOTE: The Windows clipboard is a public resource anyway. CVE-2006-2611 (Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in ...) - mediawiki1.7 <not-affected> (Fixed in 1.7 prior to release) - - mediawiki1.5 <unfixed> + - mediawiki1.5 <unfixed> (bug #394568) CVE-2006-2610 (Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 ...) NOT-FOR-US: phpRaid CVE-2006-2609 (artmedic newsletter 4.1.2 and possibly other versions, when ...) @@ -21345,8 +21345,10 @@ CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...) NOT-FOR-US: Novell NetMail CVE-2002-1782 (The default configuration of University of Washington IMAP daemon ...) - - uw-imap <unfixed> (bug #315499; low) - [sarge] - uw-imap <no-dsa> (Documented shortcoming, under admin control) + - uw-imap <unfixed> (bug #315499; unimportant) + NOTE: This only applies to very exotic setups. It''s also documented in the FAQ + NOTE: and if someone has such a setup she will have to recompile the package with + NOTE: the security features enabled. CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...) NOT-FOR-US: DeleGate CVE-2002-1780 (BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a ...)