Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b55092ad by Salvatore Bonaccorso at 2021-11-19T08:27:41+01:00
CVEs for roundcube assigned: CVE-2021-44025 and CVE-2021-44026
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42,12 +42,12 @@ CVE-2021-3976
RESERVED
CVE-2021-3975
RESERVED
-CVE-2021-XXXX [XSS issue in handling attachment filename extension in mimetype
mismatch warning]
+CVE-2021-44025 [XSS issue in handling attachment filename extension in
mimetype mismatch warning]
- roundcube 1.5.0+dfsg.1-1 (bug #1000156)
NOTE: https://github.com/roundcube/roundcubemail/issues/8193
NOTE:
https://github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a
(1.4.12)
NOTE:
https://github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7
(1.3.17)
-CVE-2021-XXXX [SQL injection via some session variables]
+CVE-2021-44026 [SQL injection via some session variables]
- roundcube 1.5.0+dfsg.1-1 (bug #1000156)
NOTE:
https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1
(1.4.12)
NOTE:
https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa
(1.3.17)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b55092ade0a911fa77f503a0e10e97ad009fcd90
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b55092ade0a911fa77f503a0e10e97ad009fcd90
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
