Secure testing commits - May 2005 - r947 - sarge-checks/CAN

Author: jmm-guest
Date: 2005-05-01 12:04:44 +0000 (Sun, 01 May 2005)
New Revision: 947

Modified:
   sarge-checks/CAN/list
Log:
More Horde entries.


Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-05-01 11:54:07 UTC (rev 946)
+++ sarge-checks/CAN/list	2005-05-01 12:04:44 UTC (rev 947)
@@ -88,17 +88,19 @@
 CAN-2005-1321 (Cross-site scripting (XSS) vulnerability in Horde Vacation
module ...)
 	- sork-vacation (unfixed; bug filed)
 CAN-2005-1320 (Cross-site scripting (XSS) vulnerability in Horde Mnemo Note
Manager ...)
-	TODO: check
+	- mnemo (unfixed; bug filed)
+	TODO: check whether nmeno2 is affected as well
 CAN-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail
client ...)
-	TODO: check
+	TODO: check whether this applies to imp4 as well, which is in Debian, imp 3 is
not
 CAN-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards
E-Mail ...)
 	- sork-forwards (unfixed; bug filed)
 CAN-2005-1317 (Cross-site scripting (XSS) vulnerability in Horde Chora module
before ...)
-	TODO: check
+	NOTE: not-for-us (Hord Chora module)
 CAN-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts
module ...)
-	TODO: check
+	- sork-accounts (unfixed; bug filed)
 CAN-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module
before ...)
-	TODO: check
+	NOTE: Asked maintainer whether turba2 is affected as well
+	- turba (unfixed; bug filed)
 CAN-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith
module ...)
 	- kronolith (unfixed; bug pending)
 CAN-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module
before ...)