[Secure-testing-commits] r44361 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Sep 6 09:11:30 UTC 2016
Author: hertzog
Date: 2016-09-06 09:11:30 +0000 (Tue, 06 Sep 2016)
New Revision: 44361
Modified:
data/CVE/list
Log:
Update status of CVE-2016-4068
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-06 09:10:12 UTC (rev 44360)
+++ data/CVE/list 2016-09-06 09:11:30 UTC (rev 44361)
@@ -9861,10 +9861,9 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
CVE-2016-4068 ["for the remaining SVG XSS issues additional to CVE-2015-8864"]
RESERVED
- - roundcube <unfixed>
- NOTE: https://github.com/roundcube/roundcubemail/commit/40d7342dd9c9bd2a1d613edc848ed95a4d71aa18#commitcomment-15294218 (incomplete fix)
- NOTE: These remain unfixed in versions 1.0.9, 1.1.5 and 1.2-rc
- NOTE: https://lists.debian.org/debian-lts/2016/06/msg00159.html
+ - roundcube 1.2.1+dfsg.1-2
+ NOTE: https://github.com/roundcube/roundcubemail/issues/5398
+ NOTE: https://github.com/roundcube/roundcubemail/commit/a1fdb205f824dee7fd42dda739f207abc85ce158
CVE-2015-8864 [XSS issue in SVG images handling]
RESERVED
{DLA-537-1}
More information about the Secure-testing-commits
mailing list