[Secure-testing-commits] r41338 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun May 1 15:04:17 UTC 2016


Author: carnil
Date: 2016-05-01 15:04:17 +0000 (Sun, 01 May 2016)
New Revision: 41338

Modified:
   data/CVE/list
Log:
roundcube, #822333, fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-01 14:15:28 UTC (rev 41337)
+++ data/CVE/list	2016-05-01 15:04:17 UTC (rev 41338)
@@ -568,7 +568,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
 CVE-2016-4069 [Protect download urls against CSRF using unique request tokens]
 	RESERVED
-	- roundcube <unfixed> (bug #822333)
+	- roundcube 1.1.5+dfsg.1-1 (bug #822333)
 	NOTE: https://github.com/roundcube/roundcubemail/issues/4957
 	NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
 	NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
@@ -581,7 +581,7 @@
 	NOTE: These remain unfixed in versions 1.0.9, 1.1.5 and 1.2-rc
 CVE-2015-8864 [XSS issue in SVG images handling]
 	RESERVED
-	- roundcube <unfixed> (bug #822333)
+	- roundcube 1.1.5+dfsg.1-1 (bug #822333)
 	NOTE: https://github.com/roundcube/roundcubemail/issues/4949
 	NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115
 	NOTE: https://github.com/roundcube/roundcubemail/commit/40d7342dd9c9bd2a1d613edc848ed95a4d71aa18




More information about the Secure-testing-commits mailing list