-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 03 Jun 2020 15:09:31 +0200 Source: roundcube Architecture: source Version: 1.4.5+dfsg.1-1 Distribution: unstable Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 962123 962124 Changes: roundcube (1.4.5+dfsg.1-1) unstable; urgency=high . * New upstream bugfix release, including security fixes for: - Cross-Site Scripting (XSS) vulnerability via malicious XML messages (closes: #962123) - Cross-Site Scripting (XSS) vulnerability in template object 'username' (closes: #962124) * d/roundcube-core.postinst: Also call ucfr(1) on existing config.inc.php and always pass --debconf-ok to ucf(1). * Bump debhelper compatibility level to 13. * Add upstream meta-information to debian/upstream/metadata. Checksums-Sha1: c6bc7f86579301f522e8ef6e4c7ae819389525cb 2466 roundcube_1.4.5+dfsg.1-1.dsc 2ef3a52dbad1802f68e4f29bbf857a0322a848b3 2972476 roundcube_1.4.5+dfsg.1.orig.tar.xz b8a91409b954e7836b40c959288b25023b4a4238 1227412 roundcube_1.4.5+dfsg.1-1.debian.tar.xz b211ba8fc9f3b8632c0ceb8cc6d271ab19e68965 9337 roundcube_1.4.5+dfsg.1-1_amd64.buildinfo Checksums-Sha256: 4470ad9f52c53150342c5c17c42eed05606d56f48bfbecebfc01b65619d48f05 2466 roundcube_1.4.5+dfsg.1-1.dsc d7f48ecd3ce58808825f6362058e4e86d5e3ae0d4ae33e2f28432225cb3b7faa 2972476 roundcube_1.4.5+dfsg.1.orig.tar.xz 7288a96572c5da6a6534cde79e6cc67016adff593c0e07c65dd368985e04481e 1227412 roundcube_1.4.5+dfsg.1-1.debian.tar.xz b4b3b369200af53276d5306c7e1e6669af07b5e547e454a8c842eec352b1d6b6 9337 roundcube_1.4.5+dfsg.1-1_amd64.buildinfo Files: 8869552ac8ae042a70e510e293f8bdcc 2466 web optional roundcube_1.4.5+dfsg.1-1.dsc 278bca24e6aa2d25f4ced58cce12138a 2972476 web optional roundcube_1.4.5+dfsg.1.orig.tar.xz 77e597e4ff3b8f6d9d33ecb699c683d3 1227412 web optional roundcube_1.4.5+dfsg.1-1.debian.tar.xz 85c2b8eff1a890f1b44ee72414476bdf 9337 web optional roundcube_1.4.5+dfsg.1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAl7XoaUACgkQ05pJnDwh pVJ6wA/9H5q5cPWOc2zc3LX3Sww5Xyzu4OtnpdYrIAZh+g8NV7fopzB7NsJML+1B SlxSf8xXj1eEh7nIS71lB/0mmH/gDwd4/ngQoZ6SCzNnCUPLe+KFpxDzFsVmEAfz lBCdA7I45ZnwRvYcC+qqGAbuPO6rvuXyC9vLMBdlCD6Oxu7c0iL11aV7EqhyTlDZ KeyU7ZVDlhMg2YojWHrcPs/ZlwoPhIazafAZZ+6vXlnpDRuVrHLCKuLZZcoN0cA1 VmuaHHNyyvIbBh+2dC7giCNdbow33YXGn1wRt0CaXWlPDlWto0SlPaGxjgqZaBjj /69AdPPbBPud3Ttf+abIimIQi6Z4KL7LO3t8QdxL8HsdaotxGbWiEYucn+tiLys+ hulpDRKpu/ez2WmaILpvfwgrQwO3HWLhcsQVE+UoLGSBrEoypik3twnXWqaw59as CSKNfAHg8fye6qlkhCozhAjMmQhkR6c3Myy4fhSoveKSOiPUqqk2tkGbMmsj1oqg umFMmHSE9zJK+VT5Xa+Il3GXoIBwCnvDtPjw8H08UWkWOmRe/dX51toJJcjOH3Zx QoETW0nwBH3tD+qGC0AMKCszYZvIh+ojGIb2mus9qat8oCgIS1MV6EV4Zgl2Ij/T rS8GfgihxC31sGaTUZXRXS6kBirzbfcdSgkgpEwCPnoLXPxb1qw= =SbLR -----END PGP SIGNATURE-----
