oss-sec mailing list archives
Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation
From: Christian Hoffmann <christian () hoffie info>
Date: Mon, 21 Sep 2015 19:09:14 +0200
On 09/21/2015 06:05 PM, Christian Hoffmann wrote:
So, for now, I don't think a new CVE should be assigned. Either Zarafa or me will send an update shortly.
Zarafa was quick and has updated the ChangeLog accordingly: https://download.zarafa.com/community/beta/7.2/changelog-7.2.txt As expected, this issue has been assigned CVE-2015-6566. From what I can see, no new CVE needs to be assigned here.
On 09/21/2015 02:58 PM, Martin Prpic wrote:https://bugzilla.redhat.com/show_bug.cgi?id=1263006 The issue is noted as "zarafa-autorespond suffers from a potential local privilege escalation" in the zarafa changelog:
Kind regards, Christian
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE request: zarafa-autorespond suffers from a potential local privilege escalation Martin Prpic (Sep 21)
- Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann (Sep 21)
- Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann (Sep 21)
- Re: CVE request: zarafa-autorespond suffers from a potential local privilege escalation Christian Hoffmann (Sep 21)