Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits: e9c7407c by Antoine Beaupré at 2018-02-28T16:38:38-05:00 dla-needed: zsh, no-dsa: roundcube - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -963,6 +963,7 @@ CVE-2018-1000071 [Permissions issue in enigma plugin allows exfiltration secret RESERVED - roundcube <unfixed> [stretch] - roundcube <no-dsa> (Minor issue) + [wheezy] - roundcube <no-dsa> (Minor issue) NOTE: https://github.com/roundcube/roundcubemail/issues/6173 NOTE: https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt NOTE: Can be mitigated by moving home folder outside the scope of the webserver ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -102,3 +102,4 @@ xen -- xmltooling (Markus Koschany) -- +zsh View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9c7407c65d974ba4ddd8c67f638be97312bf26b --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9c7407c65d974ba4ddd8c67f638be97312bf26b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits