[Secure-testing-commits] r42447 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Fri Jun 10 19:20:13 UTC 2016
Author: apo
Date: 2016-06-10 19:20:13 +0000 (Fri, 10 Jun 2016)
New Revision: 42447
Modified:
data/CVE/list
Log:
Revert last commit. Roundcube, wheezy is not affected by CVE-2016-5103
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-10 19:17:31 UTC (rev 42446)
+++ data/CVE/list 2016-06-10 19:20:13 UTC (rev 42447)
@@ -1256,6 +1256,7 @@
CVE-2016-5103 [XSS vulnerability in mail content page]
RESERVED
- roundcube 1.2.0+dfsg.1-1
+ [wheezy] - roundcube <not-affected> (vulnerable code not present)
NOTE: https://github.com/roundcube/roundcubemail/issues/5240
NOTE: https://github.com/roundcube/roundcubemail/pull/5241
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/8
@@ -3684,7 +3685,6 @@
CVE-2016-4069 [Protect download urls against CSRF using unique request tokens]
RESERVED
- roundcube 1.1.5+dfsg.1-1 (bug #822333)
- [wheezy] - roundcube <not-affected> (vulnerable code not present)
NOTE: https://github.com/roundcube/roundcubemail/issues/4957
NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
More information about the Secure-testing-commits
mailing list