[Secure-testing-commits] r35364 - data/CVE

Salvatore Bonaccorso Tue, 07 Jul 2015 10:35:45 -0700

Author: carnil
Date: 2015-07-07 17:34:29 +0000 (Tue, 07 Jul 2015)
New Revision: 35364


Modified:
   data/CVE/list
Log:
Update information for CVE-2015-5383

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-07-07 16:58:01 UTC (rev 35363)
+++ data/CVE/list       2015-07-07 17:34:29 UTC (rev 35364)
@@ -18,10 +18,9 @@
        NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
        NOTE: Patch: 
http://downloads.powerdns.com/patches/2015-01/rec-3.7.2.patch
 CVE-2015-5383 [potential info disclosure from temp directory]
-       - roundcube <unfixed> (bug #791643)
+       - roundcube <not-affected> (protection is done in apache config in 
binary package)
        NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
        NOTE: http://trac.roundcube.net/ticket/1490378
-       TODO: check versions, not claimed to affect 1.0.x
 CVE-2015-5382 [security improvement in contact photo handling]
        - roundcube <unfixed> (bug #791643)
        [wheezy] - roundcube <not-affected> (Vulnerable code not present)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r35364 - data/CVE

Reply via email to