[Secure-testing-commits] r17585 - data/CVE
Florian Weimer
fw at alioth.debian.org
Thu Nov 10 18:54:46 UTC 2011
Author: fw
Date: 2011-11-10 18:54:46 +0000 (Thu, 10 Nov 2011)
New Revision: 17585
Modified:
data/CVE/list
Log:
CVE-2011-4078: roundcube fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-11-10 18:35:03 UTC (rev 17584)
+++ data/CVE/list 2011-11-10 18:54:46 UTC (rev 17585)
@@ -949,8 +949,9 @@
CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP ...)
- openldap <unfixed> (low; bug #647610)
CVE-2011-4078 (include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP ...)
- - roundcube <unfixed>
+ - roundcube 0.6
[squeeze] - roundcube <no-dsa> (squeeze PHP version does not expose the issue)
+ NOTE: http://trac.roundcube.net/ticket/1488086
NOTE: This is arguably a PHP issue, but will probably not be fixed upstream.
CVE-2011-4077
RESERVED
More information about the Secure-testing-commits
mailing list