[Secure-testing-commits] r37692 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 14 05:50:03 UTC 2015
Author: carnil
Date: 2015-11-14 05:50:03 +0000 (Sat, 14 Nov 2015)
New Revision: 37692
Modified:
data/CVE/list
Log:
Update CVE-2015-8105/roundcube
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-14 05:11:49 UTC (rev 37691)
+++ data/CVE/list 2015-11-14 05:50:03 UTC (rev 37692)
@@ -43,7 +43,10 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/11/12/2
TODO: check (should be fixed in 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64)
CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in ...)
- TODO: check
+ - roundcube 1.1.3+dfsg.1-1
+ [wheezy] - roundcube <not-affected> (Vulnerable code not present)
+ NOTE: http://trac.roundcube.net/ticket/1490530
+ NOTE: http://trac.roundcube.net/changeset/dd7db2179/github
CVE-2015-XXXX [directory traversal in servefile]
- servefile 0.4.4-1
[jessie] - servefile <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list