thr3ads.net - Secure testing commits - [Secure-testing-commits] r3567

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Mar-08 16:36 UTC

[Secure-testing-commits] r3567 - in data: CVE DSA

Author: jmm-guest
Date: 2006-03-08 16:36:03 +0000 (Wed, 08 Mar 2006)
New Revision: 3567

Modified:
   data/CVE/list
   data/DSA/list
Log:
squirrelmail DSA


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-08 09:46:42 UTC (rev 3566)
+++ data/CVE/list	2006-03-08 16:36:03 UTC (rev 3567)
@@ -1582,7 +1582,7 @@
 CVE-2006-0378 (Cross-site scripting (XSS) vulnerability in Netrix X-Site
Manager ...)
 	NOT-FOR-US: Netrix X-Site Manager 
 CVE-2006-0377 (CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5
allows ...)
-	- squirrelmail <unfixed> (bug #354063)
+	- squirrelmail 2:1.4.6-1 (bug #354063)
 CVE-2006-0376 (The 802.11 wireless client in certain operating systems
including ...)
 	NOT-FOR-US: Windows
 CVE-2006-0375 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21
...)
@@ -2008,7 +2008,7 @@
 CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif)
0.4.4 ...)
 	NOT-FOR-US: slsnif
 CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail
1.4.0 ...)
-	- squirrelmail <unfixed> (bug #354062)
+	- squirrelmail 2:1.4.6-1 (bug #354062)
 CVE-2006-0194 (Cross-site scripting (XSS) vulnerability in default.asp in
FogBugz ...)
 	NOT-FOR-US: FogBugz
 CVE-2006-0193 (Cross-site scripting (XSS) vulnerability in the Hosting Control
Panel ...)
@@ -2022,7 +2022,7 @@
 CVE-2006-0189 (Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46
allows ...)
 	NOT-FOR-US: eStara Softphone
 CVE-2006-0188 (webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote
attackers to ...)
-	- squirrelmail <unfixed> (bug #354064)
+	- squirrelmail 2:1.4.6-1 (bug #354064)
 CVE-2005-4664 (SQL injection vulnerability in OcoMon 1.21, and possibly other
...)
 	NOT-FOR-US: OcoMon
 CVE-2005-4663 (Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and
possibly ...)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2006-03-08 09:46:42 UTC (rev 3566)
+++ data/DSA/list	2006-03-08 16:36:03 UTC (rev 3567)
@@ -1,3 +1,8 @@
+[08 Mar 2006] DSA-988-1 squirrelmail - several
+	{CVE-2006-0377 CVE-2006-0195 CVE-2006-0188}
+	[woody] - squirrelmail 1.2.6-5
+	[sarge] - squirrelmail 2:1.4.4-8
+	NOTE: not fixed in testing at the time of DSA (unfixed in sid)
 [07 Mar 2006] DSA-987-1 tar - buffer overflow
 	{CVE-2006-0300}
 	[sarge] - tar 1.14-2.1

Secure testing commits - Mar 2006 - r3567 - in data: CVE DSA

[Secure-testing-commits] r3567 - in data: CVE DSA