thijs at alioth.debian.org
2008-Mar-10 19:14 UTC
[Secure-testing-commits] r8301 - data/CVE
Author: thijs Date: 2008-03-10 19:14:36 +0000 (Mon, 10 Mar 2008) New Revision: 8301 Modified: data/CVE/list Log: new dovecot issue introduced in 1.0.11 fixed in 1.0.13. Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-03-10 18:24:53 UTC (rev 8300) +++ data/CVE/list 2008-03-10 19:14:36 UTC (rev 8301) @@ -1,3 +1,9 @@ +CVE-2008-XXXX [dovecot authentication bypass] + - dovecot 1:1.0.13-1 + [etch] - dovecot <not-affected> (Vulnerable code not present) + [sarge] - dovecot <not-affected> (Vulnerable code not present) + NOTE: exploitable through code introduced in 1.0.11 + NOTE: http://www.dovecot.org/list/dovecot-news/2008-March/000064.html CVE-2008-XXXX [ldm information disclosure] - ldm 2:0.1~bzr20080308-1 - ltsp 5.0.40~bzr20071229-1