micah at alioth.debian.org
2007-Oct-17 00:45 UTC
[Secure-testing-commits] r6992 - data/CVE
Author: micah
Date: 2007-10-17 00:45:45 +0000 (Wed, 17 Oct 2007)
New Revision: 6992
Modified:
data/CVE/list
Log:
alpine issues resolved
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-16 22:24:05 UTC (rev 6991)
+++ data/CVE/list 2007-10-17 00:45:45 UTC (rev 6992)
@@ -34538,8 +34538,8 @@
{DSA-861-1}
- uw-imap 7:2002edebian1-12 (medium; bug #332215)
- pine 4.64-1 (medium; bug #348407)
+ - alpine <not-affected> (alpine is based on pine 4.64, this bug was in a
previous version of pine)
[sarge] - pine <no-dsa> (pine is non-free; doesn''t permit
distribution of modified binaries)
- TODO: check alpine
CVE-2005-2932 (Multiple Check Point Zone Labs ZoneAlarm products before
7.0.362, ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm
CVE-2005-2931 (Format string vulnerability in the SMTP service in IMail Server
8.20 ...)
@@ -38096,9 +38096,9 @@
NOT-FOR-US: ghttpd
CVE-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into
Sender: ...)
- pine 4.62-1 (low)
+ - alpine <not-affected> (alpine is based on pine 4.64, this bug was in a
previous version of pine)
NOTE: checked listed version, and it didn''t have the problem
- NOTE: non-free
- TODO: check alpine
+ NOTE: pine is non-free (alpine is free)
CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a
denial of ...)
NOT-FOR-US: CGIForum
CVE-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery
1.0 ...)
@@ -41927,8 +41927,8 @@
NOT-FOR-US: Access_user class
CVE-2005-1066 (Race condition in rpdump in Pine 4.62 and earlier allows local
users ...)
- pine 4.63-1 (unimportant)
+ - alpine <not-affected> (alpine is based on pine 4.64, this bug was in a
previous version of pine)
NOTE: Not shipped in the binary package
- TODO: check alpine
CVE-2005-1065 (tetex in Novell Linux Desktop 9 allows local users to determine
the ...)
- tetex-base <not-affected> (/var/cache/fonts is not writable by normal
users in Debian)
CVE-2005-1064 (The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before
1.1.7 ...)
@@ -49406,10 +49406,10 @@
NOT-FOR-US: solaris
CVE-2003-0721 (Integer signedness error in rfc2231_get_param from strings.c in
PINE ...)
- pine 4.58
- TODO: check alpine
+ - alpine <not-affected> (alpine is based on pine 4.64, this bug was in a
previous version of pine)
CVE-2003-0720 (Buffer overflow in PINE before 4.58 allows remote attackers to
execute ...)
- pine 4.58
- TODO: check alpine
+ - alpine <not-affected> (alpine is based on pine 4.64, this bug was in a
previous version of pine)
CVE-2003-0719 (Buffer overflow in the Private Communications Transport (PCT)
protocol ...)
NOT-FOR-US: microsoft
CVE-2003-0718 (The WebDAV Message Handler for Internet Information Services
(IIS) ...)