-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 30 Dec 2020 10:31:19 +0100 Source: roundcube Architecture: source Version: 1.4.10+dfsg.1-1~bpo10+1 Distribution: buster-backports Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 978069 978491 Changes: roundcube (1.4.10+dfsg.1-1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . roundcube (1.4.10+dfsg.1-1) unstable; urgency=high . * New upstream bugfix release, including security fix for: CVE-2020-35730: Cross-site scripting (XSS) vulnerability via HTML or Plain text messages with malicious content svg/namespace. (Closes: #978491) * d/rules: Make sure to fail the build when an error is raised in a for loop. (Closes: #978069) * d/rules: Refactor and move CSS/JS generation and minification from override_dh_auto_install to override_dh_auto_build. Thanks to Jonas Smedegaard pointing this out. * Bump Standards-Version to 4.5.1 (no changes needed). * Upgrade watch file to version 4. * Rename Debian branch to debian/latest for DEP-14 compliance. * d/gbp.conf: Remove custom setting compression=xz. Checksums-Sha1: ff75449b994f68d15c0ae880cfe0acc792e14dfe 3140 roundcube_1.4.10+dfsg.1-1~bpo10+1.dsc 0ef91bcb3e52d81d57a1d195978c2f1dfda3d1ad 76032 roundcube_1.4.10+dfsg.1-1~bpo10+1.debian.tar.xz 3d1cea9c8e58ac5368104ecbe90e45801cf9101d 9964 roundcube_1.4.10+dfsg.1-1~bpo10+1_amd64.buildinfo Checksums-Sha256: 05f0d06d4acc221f3bb94335231311728f795d07d4ec1825b9058c0b867e712e 3140 roundcube_1.4.10+dfsg.1-1~bpo10+1.dsc 3f4e69018f3786fd6d51f17d32e63ec1ccc41207cbc08f52b807902194039106 76032 roundcube_1.4.10+dfsg.1-1~bpo10+1.debian.tar.xz 8050edfb82ba8f6edf8b5a88b5204a66e593a0f504e0b39eb8cef917532e4eaa 9964 roundcube_1.4.10+dfsg.1-1~bpo10+1_amd64.buildinfo Files: 38d4e00cbc420597b588c56b22a4b2bf 3140 web optional roundcube_1.4.10+dfsg.1-1~bpo10+1.dsc e33a8462290fdc90adc19365b2d3d56c 76032 web optional roundcube_1.4.10+dfsg.1-1~bpo10+1.debian.tar.xz 303f04f191aab2c9c5e83a4ee30c2d55 9964 web optional roundcube_1.4.10+dfsg.1-1~bpo10+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAl/sSiUACgkQ05pJnDwh pVKXQQ/8Ch8BSpLXF9/TIn88ruWc0wtQJVyKp+9ujGKKLqSpPxzZPbzKCoXRVf32 OaWHolC2U+n2RzH3DNB0hm5LAQXeRBc9cHRvT6BhIIAdvOcN6J1PIFJWF/vobljl wq1QW5DbQKcNrUsKC+fsN6KHUEji8hSCU9jcgr/p37nT3lvd3AClH3QqaodVBrjf Uvt1yT2a6a46UAF8XkjEezKwslEfJtRT8jbKY/qNnYMm33dj5yqoRDH77G5B+OTg B0mNob6gkfN3GCw/g2+Gi5tSB9oWZwhBxCl2Obed/edy2vN+MZN3tymEohpQ23zq KlwyHl+Uo9Wm10Qb2DQjcELNaO9HhE/NyRJzqK5+eY/KgiZf3k396keJMv2oW3jT Zb/O1eAyDvQj2jRVW0q4U2KHe+qxOHF56WQoB7OnjN/RsIx7TSetvmGAdYUYflaf +vtiLwS4/mFPWRq6uHdL0xOcJCwUNtxuYMKbf/fMuxJ77PWZ4GTWe1MWWMdMlkdZ jS9rAp7JcLNQd/3RMIWud1Ob51e72wpfGw1HiTOJfFtRhhhi1qNlhop+xwEhzWZx r6b50Z8QsGm7bFjbgeCThHweiol4j1R5qYEN90Lnis1tc97jwwUT+2hBZ9/UZebn fU2DKqiaxTDxRPZZ9E8lLVf11zw9+BZOKl9zDkYBOciDcmH77/s= =KQpq -----END PGP SIGNATURE-----