[Secure-testing-commits] r41083 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 23 14:39:19 UTC 2016
Author: carnil
Date: 2016-04-23 14:39:19 +0000 (Sat, 23 Apr 2016)
New Revision: 41083
Modified:
data/CVE/list
Log:
Add two roundcube issues from latest release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-23 14:14:31 UTC (rev 41082)
+++ data/CVE/list 2016-04-23 14:39:19 UTC (rev 41083)
@@ -1,3 +1,13 @@
+CVE-2016-XXXX [Protect download urls against CSRF using unique request tokens]
+ - roundcube <undetermined>
+ NOTE: https://github.com/roundcube/roundcubemail/issues/4957
+ NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
+ TODO: check
+CVE-2016-XXXX [XSS issue in SVG images handling]
+ - roundcube <undetermined>
+ NOTE: https://github.com/roundcube/roundcubemail/issues/4949
+ NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
+ TODO: check
CVE-2016-XXXX [MS-WSP dissector crash]
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
More information about the Secure-testing-commits
mailing list