[Secure-testing-commits] r21208 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sat Feb 9 09:54:39 UTC 2013
Author: carnil
Date: 2013-02-09 09:54:39 +0000 (Sat, 09 Feb 2013)
New Revision: 21208
Modified:
data/CVE/list
Log:
update tracker for roundcube, CVE-2012-6121
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-09 09:17:57 UTC (rev 21207)
+++ data/CVE/list 2013-02-09 09:54:39 UTC (rev 21208)
@@ -4325,10 +4325,9 @@
[squeeze] - chicken <no-dsa> (Minor issue)
CVE-2012-6121 [Cross-site scripting (XSS) in vbscript: and data:text URL handling]
RESERVED
- - roundcube <unfixed>
+ - roundcube <not-affected> (vulnerable code not in stable or testing)
NOTE: http://trac.roundcube.net/ticket/1488850
NOTE: Upstream patch: https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
- TODO: check and report
CVE-2012-6120 [Directory /var/log/puppet is world readable]
RESERVED
- puppet <unfixed>
More information about the Secure-testing-commits
mailing list