thr3ads.net - Secure testing commits - [Secure-testing-commits] r3156

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2005-Dec-25 10:52 UTC

[Secure-testing-commits] r3156 - data/CVE

Author: jmm-guest
Date: 2005-12-25 10:52:02 +0000 (Sun, 25 Dec 2005)
New Revision: 3156

Modified:
   data/CVE/list
Log:
three horde apps fixed
some kernel updates


Modified: data/CVE/list
==================================================================---
data/CVE/list	2005-12-24 18:36:12 UTC (rev 3155)
+++ data/CVE/list	2005-12-25 10:52:02 UTC (rev 3156)
@@ -619,13 +619,13 @@
 CVE-2005-4242 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
Turba H3 ...)
 	- turba2 2.0.5-1 (bug #342946; medium)
 CVE-2005-4192 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- mnemo2 <unfixed> (bug #342944; medium)
+	- mnemo2 2.0.3-1 (bug #342944; medium)
 CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- nag2 <unfixed> (bug #342945; medium)
+	- nag2 2.0.4-1 (bug #342945; medium)
 CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
...)
 	- horde3 3.0.9-1 (bug #342942; medium)
 CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
Kronolith ...)
-	- kronolith <unfixed> (bug #342943; medium)
+	- kronolith 2.0.6-1 (bug #342943; medium)
 CVE-2005-4188
 	RESERVED
 CVE-2005-4187
@@ -17984,7 +17984,8 @@
 CVE-2004-0229 (The framebuffer driver in Linux kernel 2.6.x does not properly
use the ...)
 	NOT-FOR-US: Kernel 2.6 framebuffer bug
 CVE-2004-0228 (Integer signedness error in the cpufreq proc handler
(cpufreq_procctl) ...)
-	NOTE: fixed in linux 2.4.27-pre3
+	- kernel-source-2.4.27 <not-affected> (2.4 does not have cpufreq)
+	TODO: Check 2.6
 CVE-2004-0227 (Buffer overflow in the zms script in ZoneMinder before 1.19.2
may ...)
 	NOT-FOR-US: ZoneMinder
 CVE-2004-0226 (Multiple buffer overflows in Midnight Commander (mc) before
4.6.0 may ...)
@@ -18065,7 +18066,7 @@
 CVE-2004-0182 (Mailman before 2.0.13 allows remote attackers to cause a denial
of ...)
 	- mailman <not-affected> (RedHat specific bug)
 CVE-2004-0181 (The JFS file system code in Linux 2.4.x has an information leak
in ...)
-	NOTE: fixed in 2.4.26-pre5
+	- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive;
2.4.26-pre5)
 CVE-2004-0180 (The client for CVS before 1.11 allows a remote malicious CVS
server to ...)
 	{DSA-486}
 	- cvs 1:1.12.5-4 (medium)

Secure testing commits - Dec 2005 - r3156 - data/CVE

[Secure-testing-commits] r3156 - data/CVE