[Secure-testing-commits] r39424 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Feb 2 21:36:30 UTC 2016


Author: carnil
Date: 2016-02-02 21:36:30 +0000 (Tue, 02 Feb 2016)
New Revision: 39424

Modified:
   data/CVE/list
Log:
Add two roundcube CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-02 21:33:46 UTC (rev 39423)
+++ data/CVE/list	2016-02-02 21:36:30 UTC (rev 39424)
@@ -217,9 +217,13 @@
 CVE-2015-8795
 	RESERVED
 CVE-2015-8794 (Absolute path traversal vulnerability in ...)
-	TODO: check
+	- roundcube 1.1.2+dfsg.1-1
+	NOTE: http://www.scip.ch/en/?vuldb.80732
+	NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
 CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
-	TODO: check
+	- roundcube 1.1.2+dfsg.1-1
+	NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
+	NOTE: http://www.scip.ch/en/?vuldb.80731
 CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 ...)
 	TODO: check
 CVE-2015-8790 (The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 ...)




More information about the Secure-testing-commits mailing list