[Secure-testing-commits] r1517 - data/CAN

Joey Hess Tue, 02 Aug 2005 23:40:39 -0700

Author: joeyh
Date: 2005-08-03 06:39:34 +0000 (Wed, 03 Aug 2005)
New Revision: 1517


Modified:
   data/CAN/list
Log:
updates

Modified: data/CAN/list
===================================================================
--- data/CAN/list       2005-08-03 05:57:02 UTC (rev 1516)
+++ data/CAN/list       2005-08-03 06:39:34 UTC (rev 1517)
@@ -1174,7 +1174,7 @@
        NOTE: not-for-us (MyGuestbook)
 CAN-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows 
remote ...)
        {DSA-768-1}
-       - phpbb2 (unfixed; bug #317739; high)
+       - phpbb2 2.0.13+1-6sarge1 (bug #317739; high)
 CAN-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, 
which ...)
        NOTE: not-for-us (IMail)
 CAN-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote 
...)
@@ -2470,7 +2470,7 @@
        - phpgroupware 0.9.16.006-1 (high)
        - egroupware 1.0.0.007-3.dfsg-1 (high)
        - phpwiki 1.3.7-4 (high)
-       - ewiki (unfixed; high)
+       NOTE: ewiki does not seem vulnerable (no eval, different code base)
        - php4 (unfixed; bug #316447; high)
        NOTE: horde3 is not affected by this issue, they ship different XMLRPC 
code
 CAN-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x 
through ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r1517 - data/CAN

Reply via email to