[Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2019-13389/rainloop

Sat Sep 5 15:01:09 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53cb0e75 by Salvatore Bonaccorso at 2020-09-05T15:54:23+02:00
Correct tracking for CVE-2019-13389/rainloop

The CVE was marked as NFU earlier. But there is src:rainloop for the
Rainloop Webmail. The issue was already fixed with the 1.14.0-1 upload
to unstable.

Fixes: 10cf9cb957ad ("Process NFUs")

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79918,7 +79918,8 @@ CVE-2019-13390 (In FFmpeg 4.1.3, there is a division by zero at adx_write_traile
 	NOTE: https://trac.ffmpeg.org/ticket/7979
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=aef24efb0c1e65097ab77a4bf9264189bdf3ace3
 CVE-2019-13389 (RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as ...)
-	NOT-FOR-US: RainLoop Webmail
+	- rainloop 1.14.0-1
+	NOTE: https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693
 CVE-2019-13388
 	RESERVED
 CVE-2019-13387 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53cb0e75d1406f2e9f01dbfe77ef107ae7e04ac4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53cb0e75d1406f2e9f01dbfe77ef107ae7e04ac4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200905/6154f978/attachment.html>
