[Secure-testing-commits] r35349 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jul 7 04:34:44 UTC 2015
Author: carnil
Date: 2015-07-07 04:34:44 +0000 (Tue, 07 Jul 2015)
New Revision: 35349
Modified:
data/CVE/list
Log:
CVEs assigned for roundcube
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-07 04:29:40 UTC (rev 35348)
+++ data/CVE/list 2015-07-07 04:34:44 UTC (rev 35349)
@@ -1,18 +1,18 @@
-CVE-2015-XXXX [potential info disclosure from temp directory]
+CVE-2015-5383 [potential info disclosure from temp directory]
- roundcube <unfixed>
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/10
+ NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490378
- TODO: check versions
-CVE-2015-XXXX [security improvement in contact photo handling]
+ TODO: check versions, not claimed to affect 1.0.x
+CVE-2015-5382 [security improvement in contact photo handling]
- roundcube <unfixed>
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/10
+ NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490379
TODO: check versions
-CVE-2015-XXXX [XSS vulnerability in _mbox argument]
+CVE-2015-5381 [XSS vulnerability in _mbox argument]
- roundcube <unfixed>
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/10
+ NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490417
- TODO: check versions
+ TODO: check versions, claimed to not affect 1.0.x
CVE-2015-XXXX [TLS: Disable client-initiated renegotiation]
- squid <removed>
- squid3 <unfixed>
More information about the Secure-testing-commits
mailing list