white at alioth.debian.org
2009-Feb-04 23:08 UTC
[Secure-testing-commits] r11146 - data/CVE
Author: white Date: 2009-02-04 23:08:00 +0000 (Wed, 04 Feb 2009) New Revision: 11146 Modified: data/CVE/list Log: roundcube issue doesn''t affect debian versions Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-04 23:02:41 UTC (rev 11145) +++ data/CVE/list 2009-02-04 23:08:00 UTC (rev 11146) @@ -6,7 +6,8 @@ - trickle <unfixed> (bug #513456; low) [etch] - trickle <no-dsa> (Minor issue) CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail ...) - TODO: check + - roundcube <not-affected> (Vulnerable code not present) + NOTE: Seems to affect versions 0.2, but debian only has 0.1 packaged at the moment CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping ...) NOT-FOR-US: Interspire Shopping Cart CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...)