[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1000071/roundcube as no-dsa

Tue, 27 Feb 2018 07:52:59 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
91faab01 by Salvatore Bonaccorso at 2018-02-27T16:51:20+01:00
Mark CVE-2018-1000071/roundcube as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -844,6 +844,7 @@ CVE-2018-1000072
 CVE-2018-1000071 [Permissions issue in enigma plugin allows exfiltration 
secret gpg key file]
        RESERVED
        - roundcube <unfixed>
+       [stretch] - roundcube <no-dsa> (Minor issue)
        NOTE: https://github.com/roundcube/roundcubemail/issues/6173
        NOTE: 
https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt
        NOTE: Can be mitigated by moving home folder outside the scope of the 
webserver



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/91faab01354e61077cd63ba874dc90d0ad8aac21

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/91faab01354e61077cd63ba874dc90d0ad8aac21
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to