-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 11 Aug 2020 17:44:16 +0200 Source: roundcube Architecture: source Version: 1.3.15+dfsg.1-1~deb10u1 Distribution: buster-security Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 968216 Changes: roundcube (1.3.15+dfsg.1-1~deb10u1) buster-security; urgency=high . * New upstream release, with security fix for CVE-2020-16145: Cross-site scripting (XSS) vulnerability via HTML messages with malicious svg or math content. (Closes: #968216) Checksums-Sha1: 4dcd76be5a5f08c4066fd0bfa67f5e2d9b15578d 2487 roundcube_1.3.15+dfsg.1-1~deb10u1.dsc 39599eab9130e98b8bc837afdb203b4cf6e5aa82 2186680 roundcube_1.3.15+dfsg.1.orig.tar.xz b1d4f9485571765bcb2965e87eb0a0e3607371c0 3054596 roundcube_1.3.15+dfsg.1-1~deb10u1.debian.tar.xz e9b37330ef398070040988feea2fe277689af95a 9390 roundcube_1.3.15+dfsg.1-1~deb10u1_amd64.buildinfo Checksums-Sha256: 76731d7b6cf7718fdfd661dde434d0cecacf8ffa22575b9beea380cd144b7f6b 2487 roundcube_1.3.15+dfsg.1-1~deb10u1.dsc e6dfe02d7daafa96efdf63ec6a832a2cc201de640e9c26cb760231b304edb399 2186680 roundcube_1.3.15+dfsg.1.orig.tar.xz a80ebbf5e2063636d4d501bb01b0c6aea9cffed47bf6afdeaa3cb04e3d619b7d 3054596 roundcube_1.3.15+dfsg.1-1~deb10u1.debian.tar.xz 68fb212e2646c6da80b589cdbe5c3ebaefc95687caef06e15bf1b79955e124e6 9390 roundcube_1.3.15+dfsg.1-1~deb10u1_amd64.buildinfo Files: b035c79ccea933c4c1fd6dc81fafa403 2487 web optional roundcube_1.3.15+dfsg.1-1~deb10u1.dsc de0d451370d77fe91bfce99024f0e68f 2186680 web optional roundcube_1.3.15+dfsg.1.orig.tar.xz 31298294197f647418de8cf633910078 3054596 web optional roundcube_1.3.15+dfsg.1-1~deb10u1.debian.tar.xz 440fd888d37b6f2694ee2156904e0180 9390 web optional roundcube_1.3.15+dfsg.1-1~deb10u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAl8yvlgACgkQ05pJnDwh pVKi2g/+OSpb5CJ+m7oUMego2gRSBFhuHfZENll0Gvrjvpc+8zFFg6y7ojlLVDt9 +6e3gNqNMmNsZo0z/Kh28T4tOf6MxGf8xiBEXKTbwuUIdnHnISbf21X4rVEVnNem fHn+EOmqKOpMv0WO7lCNlrMuZ1nGUCG0WnQTdpiEmBODGixczM6ynU33My2Z0qBJ hXCpThPUXwqLTrPteqR6M8crcaqJ+TZSEck24R9IoYShatspl6rTKBpH5JCqutvh 7SrchKhOPI6pIovgxwCPzVIM+RwDZCthRb3YV+7JdTVkjpGQvv+RdIvq2e575UV1 QvD7W7Lf1fGM6AN1zAE/f8g2XogmiOJF6LA+glJCajUty1XD13POusIs5TEMJgzv yPrGrFeLOISCU7fqNKYuXi5uamKkaWTjjvUMRt+7MgWEfWDzZqTGuxLVyN7GuL74 GgPtFs30FpoOJe/wibm3lOlKipoObexzJPy6lGNAgNgYaFuHJ4bWH9JEK4AxXAGY 6Y8pNaadw+wbgeKcw/UH9PKXChntAXkPq/8bk2c02rroDmD6yUxYF0e+Ej3y6kuQ /Ucfoyib2pRlvcnzAnovsBgiLSX+8T1uVzfskvVZP1O9DfcgvrIn5t47Kftm00uj eoXI298OXEccF+stADiXc3lGrrandmdIctHXCdBliUuiwy9Y8+o= =GewL -----END PGP SIGNATURE-----