[Secure-testing-commits] r41097 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Apr 24 05:08:38 UTC 2016
Author: carnil
Date: 2016-04-24 05:08:38 +0000 (Sun, 24 Apr 2016)
New Revision: 41097
Modified:
data/CVE/list
Log:
CVE-2016-4069/roundcube assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-24 05:05:56 UTC (rev 41096)
+++ data/CVE/list 2016-04-24 05:08:38 UTC (rev 41097)
@@ -1,10 +1,10 @@
-CVE-2016-XXXX [Protect download urls against CSRF using unique request tokens]
+CVE-2016-4069 [Protect download urls against CSRF using unique request tokens]
- roundcube <unfixed> (bug #822333)
NOTE: https://github.com/roundcube/roundcubemail/issues/4957
NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
NOTE: https://github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53 (release-1.1)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/23/3
+ NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
CVE-2016-4068 ["for the remaining SVG XSS issues additional to CVE-2015-8864"]
- roundcube <unfixed>
NOTE: https://github.com/roundcube/roundcubemail/commit/40d7342dd9c9bd2a1d613edc848ed95a4d71aa18#commitcomment-15294218
More information about the Secure-testing-commits
mailing list