Giuseppe Iuculano
2010-May-26 07:50 UTC
[Secure-testing-commits] r14757 - in data: CVE DSA
Author: derevko-guest
Date: 2010-05-26 07:50:22 +0000 (Wed, 26 May 2010)
New Revision: 14757
Modified:
data/CVE/list
data/DSA/list
Log:
CVE-2009-4824 is a duplicate of CVE-2009-3236
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-05-26 01:35:31 UTC (rev 14756)
+++ data/CVE/list 2010-05-26 07:50:22 UTC (rev 14757)
@@ -1108,7 +1108,7 @@
NOT-FOR-US: 8pixel.net Blog
CVE-2009-4824 (Unspecified vulnerability in Kolab Webclient before 1.2.0 in
Kolab ...)
- kolab-webclient <undetermined>
- - horde3 <unfixed>
+ - horde3 3.3.5+debian0-1
NOTE: package only in experimental; claimed fixed in version 20091202, but not
enough info to check
NOTE:
http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/horde-webmail/1.2.0/tg/Attic/t_framework_H_JS_Form_FixFormSecurityForImageUploads.diff?rev=1.1.2.1&only_with_tag=kolab_2_2_branch
CVE-2009-4823 (Cross-site scripting (XSS) vulnerability in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2010-05-26 01:35:31 UTC (rev 14756)
+++ data/DSA/list 2010-05-26 07:50:22 UTC (rev 14757)
@@ -561,7 +561,7 @@
[etch] - openswan 1:2.4.6+dfsg.2-1.1+etch2
[lenny] - openswan 1:2.4.12+dfsg-1.3+lenny2
[28 Sep 2009] DSA-1897-1 horde3 - arbitrary code execution
- {CVE-2009-3236 CVE-2008-7218}
+ {CVE-2009-3236 CVE-2009-4824 CVE-2008-7218}
[etch] - horde3 3.1.3-4etch6
[lenny] - horde3 3.2.2+debian0-2+lenny1
[28 Sep 2009] DSA-1896-1 opensaml shibboleth-sp - potential code execution