[Secure-testing-commits] r10753 - data/CVE

fw Sun, 21 Dec 2008 00:02:30 -0800

Author: fw
Date: 2008-12-21 08:02:21 +0000 (Sun, 21 Dec 2008)
New Revision: 10753


Modified:
   data/CVE/list
Log:
CVE-2008-5620: roundcube
CVE-2008-3443: add upstream commits, very low severity


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2008-12-21 00:23:57 UTC (rev 10752)
+++ data/CVE/list       2008-12-21 08:02:21 UTC (rev 10753)
@@ -103,7 +103,7 @@
 CVE-2008-5623
        RESERVED
 CVE-2008-5620 (RoundCube Webmail (roundcubemail) before 0.2-beta allows remote 
...)
-       TODO: check
+       - roundcube <unfixed> (low)
 CVE-2008-5618 (imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 
3.20 ...)
        TODO: check
 CVE-2008-5615
@@ -5414,8 +5414,9 @@
        - iceweasel <unfixed> (unimportant)
        NOTE: browser dos not treated as security issues
 CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and 
earlier, ...)
-       - ruby1.8 1.8.7.72-1 (bug #494401)
-       - ruby1.9 <unfixed>
+       - ruby1.8 1.8.7.72-1 (low; bug #494401)
+       - ruby1.9 <unfixed> (low)
+       NOTE: Upstream commits 18212 (for 1.8) and 18213 (for 1.9).
 CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of 
...)
        NOT-FOR-US: WinZip
 CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the 
authenticity ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r10753 - data/CVE

Reply via email to