Antoine Beaupré pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9c7407c by Antoine Beaupré at 2018-02-28T16:38:38-05:00
dla-needed: zsh, no-dsa: roundcube
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -963,6 +963,7 @@ CVE-2018-1000071 [Permissions issue in enigma plugin allows
exfiltration secret
RESERVED
- roundcube <unfixed>
[stretch] - roundcube <no-dsa> (Minor issue)
+ [wheezy] - roundcube <no-dsa> (Minor issue)
NOTE: https://github.com/roundcube/roundcubemail/issues/6173
NOTE:
https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt
NOTE: Can be mitigated by moving home folder outside the scope of the
webserver
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -102,3 +102,4 @@ xen
--
xmltooling (Markus Koschany)
--
+zsh
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9c7407c65d974ba4ddd8c67f638be97312bf26b
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9c7407c65d974ba4ddd8c67f638be97312bf26b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
