Author: apo Date: 2016-06-10 19:20:13 +0000 (Fri, 10 Jun 2016) New Revision: 42447
Modified: data/CVE/list Log: Revert last commit. Roundcube, wheezy is not affected by CVE-2016-5103 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-06-10 19:17:31 UTC (rev 42446) +++ data/CVE/list 2016-06-10 19:20:13 UTC (rev 42447) @@ -1256,6 +1256,7 @@ CVE-2016-5103 [XSS vulnerability in mail content page] RESERVED - roundcube 1.2.0+dfsg.1-1 + [wheezy] - roundcube <not-affected> (vulnerable code not present) NOTE: https://github.com/roundcube/roundcubemail/issues/5240 NOTE: https://github.com/roundcube/roundcubemail/pull/5241 NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/8 @@ -3684,7 +3685,6 @@ CVE-2016-4069 [Protect download urls against CSRF using unique request tokens] RESERVED - roundcube 1.1.5+dfsg.1-1 (bug #822333) - [wheezy] - roundcube <not-affected> (vulnerable code not present) NOTE: https://github.com/roundcube/roundcubemail/issues/4957 NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-115 NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits