Author: thijs Date: 2011-07-26 20:15:30 +0000 (Tue, 26 Jul 2011) New Revision: 17002 Modified: data/CVE/list Log: two additional squirrelmail ids also fixed in sid Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-07-26 19:50:49 UTC (rev 17001) +++ data/CVE/list 2011-07-26 20:15:30 UTC (rev 17002) @@ -260,9 +260,11 @@ CVE-2011-2754 (Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page ...) NOT-FOR-US: IBM WebSphere Portal CVE-2011-2753 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) - - squirrelmail <undetermined> + - squirrelmail 2:1.4.22-1 (low) + NOTE: difficult to exploit CVE-2011-2752 (CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows ...) - - squirrelmail <undetermined> + - squirrelmail 2:1.4.22-1 (low) + NOTE: difficult to exploit CVE-2011-2751 (SQL injection vulnerability in Parodia before 6.809 allows remote ...) NOT-FOR-US: Parodia CVE-2011-2750 (NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote ...)