[Secure-testing-commits] r46903 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 8 19:00:17 UTC 2016
Author: carnil
Date: 2016-12-08 19:00:17 +0000 (Thu, 08 Dec 2016)
New Revision: 46903
Modified:
data/CVE/list
Log:
Make clear where temporary entry is associated until CVE assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-08 19:00:07 UTC (rev 46902)
+++ data/CVE/list 2016-12-08 19:00:17 UTC (rev 46903)
@@ -1270,6 +1270,7 @@
CVE-2016-XXXX [Command Execution via Email]
- roundcube <unfixed> (bug #847287)
[wheezy] - roundcube 0.7.2-9+deb7u5
+ NOTE: Workaround entry for DLA-737-1 until CVE assigned
NOTE: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1
NOTE: CVE has been already requested by discoverer of the issue and will be published "shortly"
More information about the Secure-testing-commits
mailing list