[Git][security-tracker-team/security-tracker][master] #1131182/Roundcube: Add link to regression fix for 1.6.x

[Guilhem Moulin (@guilhem)]

Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker


Commits:
74558fee by Guilhem Moulin at 2026-03-20T16:52:39+01:00
#1131182/Roundcube: Add link to regression fix for 1.6.x

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1218,7 +1218,8 @@ CVE-2026-XXXX [Remote image blocking bypass via various SVG animate attributes]
 CVE-2026-XXXX [IMAP Injection + CSRF bypass in mail search]
 	- roundcube <unfixed> (bug #1131182)
 	NOTE: https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
-	NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/5fe8a69956a9683a4269f3ad2a68e18deebf8a15
+	NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/b18a8fa8e81571914c0ff55d4e20edb459c6952c (1.6.14)
+	NOTE: Regression fix: https://github.com/roundcube/roundcubemail/commit/6b137adda9b042c3742b0f968692e95ed367d3d1
 CVE-2026-XXXX [Bug where a password could get changed without providing the old password]
 	- roundcube <unfixed> (bug #1131182)
 	NOTE: https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74558fee63f177b7ed8782f8779222dfcec9b6d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74558fee63f177b7ed8782f8779222dfcec9b6d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260320/04a7391c/attachment-0001.htm>