[Git][security-tracker-team/security-tracker][master] Add two tempoary entries for roundcube
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 22 13:00:21 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ab8509b by Salvatore Bonaccorso at 2024-05-22T13:59:07+02:00
Add two tempoary entries for roundcube
I excluded the windows only one. If there will be CVEs assigned for all
three we can then track as well the last one.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2024-XXXX [Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes]
+ - roundcube 1.6.7+dfsg-1 (bug #1071474)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/ba252dc5e2946506cb8d0b50b2b7bf95ab51876f
+CVE-2024-XXXX [Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences]
+ - roundcube 1.6.7+dfsg-1 (bug #1071474)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/9ca8aa6680c579132e0d1fa59447df8d524ec91c
CVE-2021-47498 [dm rq: don't queue request to blk-mq during DM suspend]
- linux 5.14.16-1
NOTE: https://git.kernel.org/linus/b4459b11e84092658fa195a2587aff3b9637f0e7 (5.15-rc6)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ab8509bb8e129d120a84dca6d97d7f21c390fb7
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ab8509bb8e129d120a84dca6d97d7f21c390fb7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240522/8a388dde/attachment.htm>
More information about the debian-security-tracker-commits
mailing list