[Secure-testing-commits] r46900 - in data: . CVE DLA
Chris Lamb
lamby at moszumanska.debian.org
Thu Dec 8 18:58:26 UTC 2016
Author: lamby
Date: 2016-12-08 18:58:26 +0000 (Thu, 08 Dec 2016)
New Revision: 46900
Modified:
data/CVE/list
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-737-1 for roundcube.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-08 18:52:55 UTC (rev 46899)
+++ data/CVE/list 2016-12-08 18:58:26 UTC (rev 46900)
@@ -1268,6 +1268,7 @@
RESERVED
CVE-2016-XXXX [Command Execution via Email]
- roundcube <unfixed> (bug #847287)
+ [wheezy] - roundcube 0.7.2-9+deb7u5
NOTE: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1
NOTE: CVE has been already requested by discoverer of the issue and will be published "shortly"
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-12-08 18:52:55 UTC (rev 46899)
+++ data/DLA/list 2016-12-08 18:58:26 UTC (rev 46900)
@@ -1,3 +1,5 @@
+[08 Dec 2016] DLA-737-1 roundcube - security update
+ [wheezy] - roundcube 0.7.2-9+deb7u5
[07 Dec 2016] DLA-736-1 gst-plugins-bad0.10 - security update
{CVE-2016-9809}
[wheezy] - gst-plugins-bad0.10 0.10.23-7.1+deb7u4
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-08 18:52:55 UTC (rev 46899)
+++ data/dla-needed.txt 2016-12-08 18:58:26 UTC (rev 46900)
@@ -98,8 +98,6 @@
--
qemu-kvm
--
-roundcube (Chris Lamb)
---
tiff
--
tomcat7
More information about the Secure-testing-commits
mailing list