[Secure-testing-commits] r17594 - data/CVE

Florian Weimer fw at alioth.debian.org
Thu Nov 10 20:03:37 UTC 2011


Author: fw
Date: 2011-11-10 20:03:36 +0000 (Thu, 10 Nov 2011)
New Revision: 17594

Modified:
   data/CVE/list
Log:
CVE-2011-4078: roundcube: reference Debian bug


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-11-10 20:00:04 UTC (rev 17593)
+++ data/CVE/list	2011-11-10 20:03:36 UTC (rev 17594)
@@ -949,7 +949,7 @@
 CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP ...)
 	- openldap <unfixed> (low; bug #647610)
 CVE-2011-4078 (include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP ...)
-	- roundcube 0.6
+	- roundcube 0.6+dfsg-1 (bug #646675)
 	[squeeze] - roundcube <no-dsa> (squeeze PHP version does not expose the issue)
 	NOTE: http://trac.roundcube.net/ticket/1488086
 	NOTE: This is arguably a PHP issue, but will probably not be fixed upstream.




More information about the Secure-testing-commits mailing list