Author: neilm Date: 2006-11-11 11:45:15 +0100 (Sat, 11 Nov 2006) New Revision: 4949 Modified: data/CVE/list Log: CVE-2005-1308 is sqwebmail, not courier Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-11 08:51:54 UTC (rev 4948) +++ data/CVE/list 2006-11-11 10:45:15 UTC (rev 4949) @@ -25021,7 +25021,7 @@ CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...) NOT-FOR-US: bBlog CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...) - - courier <unfixed> (bug #307575; medium) + - sqwebmail <unfixed> (bug #307575; medium) NOTE: Upstream explanation looks wrong, not all code paths perform escaping. NOTE: Sarge and Woody are affected CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)