[Secure-testing-commits] r39424 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 2 21:36:30 UTC 2016
Author: carnil
Date: 2016-02-02 21:36:30 +0000 (Tue, 02 Feb 2016)
New Revision: 39424
Modified:
data/CVE/list
Log:
Add two roundcube CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-02 21:33:46 UTC (rev 39423)
+++ data/CVE/list 2016-02-02 21:36:30 UTC (rev 39424)
@@ -217,9 +217,13 @@
CVE-2015-8795
RESERVED
CVE-2015-8794 (Absolute path traversal vulnerability in ...)
- TODO: check
+ - roundcube 1.1.2+dfsg.1-1
+ NOTE: http://www.scip.ch/en/?vuldb.80732
+ NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
- TODO: check
+ - roundcube 1.1.2+dfsg.1-1
+ NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
+ NOTE: http://www.scip.ch/en/?vuldb.80731
CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 ...)
TODO: check
CVE-2015-8790 (The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 ...)
More information about the Secure-testing-commits
mailing list