Date: Sun, 11 Jan 2015 09:38:25 -0500 (EST) From: cve-assign@...re.org To: Vasyl Kaigorodov <vkaigoro@...hat.com> cc: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: CVE request: roundcubemail: possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins > Hello, > > Version 1.0.4 of Roundcube  contains a security fix: > ... > Security: Fix possible CSRF attacks to some address book operations as > well as to the ACL and Managesieve plugins. > ... > > Upstream commit: > https://github.com/roundcube/roundcubemail/commit/376cbfd4f2dfcf455717409b70d9d056cbeb08b1 > > : http://roundcube.net/news/2014/12/18/update-1.0.4-released/ > > Can a CVE be assigned to this please? > > References: > https://bugs.gentoo.org/show_bug.cgi?id=534766 > https://bugzilla.redhat.com/show_bug.cgi?id=1179780 Use CVE-2014-9587. --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ