nion at alioth.debian.org
2008-Nov-12 15:10 UTC
[Secure-testing-commits] r10375 - in data: CVE DTSA
Author: nion
Date: 2008-11-12 15:10:15 +0000 (Wed, 12 Nov 2008)
New Revision: 10375
Modified:
data/CVE/list
data/DTSA/list
Log:
cveified uw-imap, CVE-2008-5006 also fixed in 7:2007d~dfsg-1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-11-12 14:50:24 UTC (rev 10374)
+++ data/CVE/list 2008-11-12 15:10:15 UTC (rev 10375)
@@ -22,9 +22,11 @@
CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC
or ...)
TODO: check
CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP
...)
- TODO: check
+ - uw-imap 7:2007d~dfsg-1
CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of
Washington ...)
- TODO: check
+ [lenny] - uw-imap 2007b~dfsg-4+lenny1
+ - uw-imap 7:2007d~dfsg-1
+ - alpine <not-affected> (vulnerable code present but tmail/dmail wont be
installed)
CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie
Lite ...)
NOT-FOR-US: myWebland Bloggie Lite
CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows
remote ...)
@@ -403,11 +405,6 @@
NOT-FOR-US: Simple PHP Scripts gallery
CVE-2008-4802 (Cross-site scripting (XSS) vulnerability in complete.php in
Simple PHP ...)
NOT-FOR-US: Simple PHP Scripts blog
-CVE-2008-XXXX [buffer overflow via large mailbox in dmail/tmail of uw-imap]
- [lenny] - uw-imap 2007b~dfsg-4+lenny1
- - uw-imap 7:2007d~dfsg-1
- - alpine <not-affected> (vulnerable code present but tmail/dmail wont be
installed)
- NOTE: CVE id requested on oss-sec
CVE-2008-XXXX [ktorrent issues]
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent <unfixed>
Modified: data/DTSA/list
==================================================================---
data/DTSA/list 2008-11-12 14:50:24 UTC (rev 10374)
+++ data/DTSA/list 2008-11-12 15:10:15 UTC (rev 10375)
@@ -515,6 +515,7 @@
{CVE-2008-1804}
[lenny] - snort 2.7.0-19+lenny1
[November 5th, 2008] DTSA-174-1 uw-imap - buffer overflow
+ {CVE-2008-5006 CVE-2008-5005}
[lenny] - uw-imap 2007b~dfsg-4+lenny1
[November 5th, 2008] DTSA-175-1 vlc - integer overflows
{CVE-2008-4686}