[Secure-testing-commits] r46910 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 8 19:27:08 UTC 2016
Author: carnil
Date: 2016-12-08 19:27:08 +0000 (Thu, 08 Dec 2016)
New Revision: 46910
Modified:
data/CVE/list
Log:
Add another commit belonging to CVE-2016-9920
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-08 19:24:43 UTC (rev 46909)
+++ data/CVE/list 2016-12-08 19:27:08 UTC (rev 46910)
@@ -1271,6 +1271,7 @@
- roundcube <unfixed> (bug #847287)
NOTE: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1
+ NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/aa6bf38843f51a0fc7205acc98a7b84f3c4c9c4f
CVE-2016-9910 [for the mishandling of all of the other mentioned characters in attribute values]
- html5lib 0.999999999-1
[jessie] - html5lib <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list