CVE-2009-4076 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4076): Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that modify user information via unspecified vectors, a different vulnerability than CVE-2009-4077.
CVE-2009-4077 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4077): Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that send arbitrary emails via unspecified vectors, a different vulnerability than CVE-2009-4076.
Arches, please test and mark stable: =mail-client/roundcube-0.3.1 Target keywords : "amd64 ppc ppc64 x86"
x86 stable
amd64 stable
ppc64 done
Marked ppc stable.
Closing noglsa. + 12 Aug 2010; Alex Legler <a3li@gentoo.org> -roundcube-0.2.2.ebuild, + -roundcube-0.3.1.ebuild: + Non-maintainer commit: Removing vulnerable versions for bug 294679. +