Author: jmm Date: 2011-12-17 07:57:47 +0000 (Sat, 17 Dec 2011) New Revision: 17809 Modified: data/CVE/list Log: filed a bug for the qmail TLS patch (not applied, though) Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-12-16 23:13:42 UTC (rev 17808) +++ data/CVE/list 2011-12-17 07:57:47 UTC (rev 17809) @@ -7591,8 +7591,7 @@ CVE-2011-2333 RESERVED CVE-2011-2329 (The rampart_timestamp_token_validate function in ...) - - rampart <unfixed> (low; bug #631221) - [squeeze] - rampart <no-dsa> (Minor issue) + - rampart <unfixed> (bug #631221) CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified ...) NOT-FOR-US: Oracle Sun Products Suite CVE-2011-2326 @@ -10147,7 +10146,7 @@ CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not properly ...) NOT-FOR-US: SCO SCOoffice Server CVE-2011-1431 (The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the ...) - - qmail <unfixed> (unimportant) + - qmail <unfixed> (unimportant; bug #652378) NOTE: The TLS patch is shipped in the source package, but it''s not applied - netqmail <not-affected> (Doesn''t include the TLS patch) CVE-2011-1430 (The STARTTLS implementation in the server in Ipswitch IMail 11.03 and ...)