[Secure-testing-commits] r41084 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 23 14:52:45 UTC 2016
Author: carnil
Date: 2016-04-23 14:52:45 +0000 (Sat, 23 Apr 2016)
New Revision: 41084
Modified:
data/CVE/list
Log:
Add upstream commit references for one roundcube issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-23 14:39:19 UTC (rev 41083)
+++ data/CVE/list 2016-04-23 14:52:45 UTC (rev 41084)
@@ -1,8 +1,9 @@
CVE-2016-XXXX [Protect download urls against CSRF using unique request tokens]
- - roundcube <undetermined>
+ - roundcube <unfixed>
NOTE: https://github.com/roundcube/roundcubemail/issues/4957
NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
- TODO: check
+ NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
+ NOTE: https://github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53 (release-1.1)
CVE-2016-XXXX [XSS issue in SVG images handling]
- roundcube <undetermined>
NOTE: https://github.com/roundcube/roundcubemail/issues/4949
More information about the Secure-testing-commits
mailing list