[Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-1264{0,1}/roundcube

Salvatore Bonaccorso carnil at debian.org
Wed May 6 04:46:43 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9a6318e0 by Salvatore Bonaccorso at 2020-05-06T05:46:00+02:00
Update status for CVE-2020-1264{0,1}/roundcube

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57,10 +57,12 @@ CVE-2020-12642 (An issue was discovered in service-api before 4.3.12 and 5.x bef
 	NOT-FOR-US: Report Portal
 CVE-2020-12641 (rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to  ...)
 	- roundcube 1.4.4+dfsg.1-1
+	[buster] - roundcube 1.3.11+dfsg.1-1~deb10u1
 	NOTE: https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
 	NOTE: https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
 CVE-2020-12640 (Roundcube Webmail before 1.4.4 allows attackers to include local files ...)
 	- roundcube 1.4.4+dfsg.1-1
+	[buster] - roundcube 1.3.11+dfsg.1-1~deb10u1
 	NOTE: https://github.com/roundcube/roundcubemail/commit/814eadb699e8576ce3a78f21e95bf69a7c7b3794
 	NOTE: https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
 CVE-2020-12639 (phpList before 3.5.3 allows XSS, with resultant privilege elevation, v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a6318e0a57c8a6f1e9630ad4835be67443be223

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a6318e0a57c8a6f1e9630ad4835be67443be223
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200506/a0c39205/attachment.html>


More information about the debian-security-tracker-commits mailing list