Author: jmm-guest Date: 2010-02-09 23:20:28 +0000 (Tue, 09 Feb 2010) New Revision: 14070 Modified: data/CVE/list Log: fetchmail CVEfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-09 23:18:50 UTC (rev 14069) +++ data/CVE/list 2010-02-09 23:20:28 UTC (rev 14070) @@ -1,7 +1,8 @@ CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application ...) TODO: check CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...) - TODO: check + - fetchmail 6.3.13-2 (low) + NOTE: the conditions so that this is exploitable are rather obscure CVE-2010-0561 (Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before ...) TODO: check CVE-2010-0560 (Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, ...) @@ -230,10 +231,6 @@ CVE-2010-XXXX [browser javascript document.write denial-of-service] - xulrunner <unfixed> (unimportant; bug #568486) - webkit <unfixed> (unimportant; bug #568485) -CVE-2010-XXXX [fetchmail heap overflow] - - fetchmail 6.3.13-2 (low) - NOTE: the conditions so that this is exploitable are rather obscure - NOTE: CVE id requested by upstream on oss-sec CVE-2010-XXXX [moinmoin unspecified issue] - moin <unfixed> NOTE: http://moinmo.in/SecurityFixes