Author: fw Date: 2011-11-10 18:54:46 +0000 (Thu, 10 Nov 2011) New Revision: 17585 Modified: data/CVE/list Log: CVE-2011-4078: roundcube fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-11-10 18:35:03 UTC (rev 17584) +++ data/CVE/list 2011-11-10 18:54:46 UTC (rev 17585) @@ -949,8 +949,9 @@ CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP ...) - openldap <unfixed> (low; bug #647610) CVE-2011-4078 (include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP ...) - - roundcube <unfixed> + - roundcube 0.6 [squeeze] - roundcube <no-dsa> (squeeze PHP version does not expose the issue) + NOTE: http://trac.roundcube.net/ticket/1488086 NOTE: This is arguably a PHP issue, but will probably not be fixed upstream. CVE-2011-4077 RESERVED