[Git][security-tracker-team/security-tracker][master] Update inforamation for CVE-2018-19205/roundcube

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f840a36 by Salvatore Bonaccorso at 2018-11-12T19:37:00Z
Update inforamation for CVE-2018-19205/roundcube

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,10 +4,12 @@ CVE-2018-19206
 	- roundcube <unfixed>
 	TODO: check
 	NOTE: https://roundcube.net/news/2018/10/26/update-1.3.8-released
-CVE-2018-19205
-	- roundcube <unfixed>
-	TODO: check
+CVE-2018-19205 [mishandles GnuPG MDC integrity-protection warnings]
+	- roundcube 1.3.8+dfsg.1-1
 	NOTE: https://roundcube.net/news/2018/07/27/update-1.3.7-released
+	NOTE: https://github.com/roundcube/roundcubemail/issues/6289
+	NOTE: https://github.com/roundcube/roundcubemail/commit/94da947855329c5062ec2a7098eb86fb675aac37 (release-1.3)
+	NOTE: https://github.com/roundcube/roundcubemail/commit/2fa112bd836e5e144e270bda11c9fda1a66a22ae (master)
 CVE-2018-19197 (An issue was discovered in XiaoCms 20141229. ...)
 	NOT-FOR-US: XiaoCms
 CVE-2018-19196 (An issue was discovered in XiaoCms 20141229. It allows remote attackers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f840a36928e20e6ef3bec6a26f0ebaec69a55ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f840a36928e20e6ef3bec6a26f0ebaec69a55ea
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181112/b6c914c9/attachment.html>