-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 06 Jan 2022 08:51:41 +0100 Source: roundcube Architecture: source Version: 1.4.13+dfsg.1-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1003027 Changes: roundcube (1.4.13+dfsg.1-1~deb11u1) bullseye-security; urgency=high . * New security upstream release, with fix for CVE-2021-46144: XSS vulnerability via HTML messages with malicious CSS content (closes: #1003027). * Prepend '<!-- html ignored -->' to the test vector of the above. * Refresh d/patches. Checksums-Sha1: efa538d07f4d452ee91c843b43743b76dbf30faa 3273 roundcube_1.4.13+dfsg.1-1~deb11u1.dsc f9c69898927cf46e4584d34b60819f08af0ea117 128964 roundcube_1.4.13+dfsg.1.orig-tinymce-langs.tar.xz 5aaee9f2e9f58553c33fa69d4f71be3f556dea90 889088 roundcube_1.4.13+dfsg.1.orig-tinymce.tar.xz acc74765a8e4e359adc3cf9fb3d183bd23552e5f 2976244 roundcube_1.4.13+dfsg.1.orig.tar.xz 273c658ba9d561f0af7e280c2327bf3d410abe6f 91040 roundcube_1.4.13+dfsg.1-1~deb11u1.debian.tar.xz 5071a85ccc2fe485a0ab2dd21777728c05dd8eb4 10585 roundcube_1.4.13+dfsg.1-1~deb11u1_amd64.buildinfo Checksums-Sha256: 8a16af0ad367ce46b19d246ee2b4c955700dc062b544eb4012399a507df836c6 3273 roundcube_1.4.13+dfsg.1-1~deb11u1.dsc b786481b871b1302dabb068901eb615a5401619f69bac491e17bdbf79b36773b 128964 roundcube_1.4.13+dfsg.1.orig-tinymce-langs.tar.xz 73d71c9e0185aa1467ae133679a8251cd94af47b95f86bc8a93a297abf0784bf 889088 roundcube_1.4.13+dfsg.1.orig-tinymce.tar.xz 50bc14df0a2733accb7bec3211359b483980b28cf46cfac9b3068d1e249bb2b3 2976244 roundcube_1.4.13+dfsg.1.orig.tar.xz 509502b8da46e5cd15dcfda0702f30e1fea519d2dfc865f06d62566652d70b9f 91040 roundcube_1.4.13+dfsg.1-1~deb11u1.debian.tar.xz 2157172695cafa510442114b4913ae45a35e50dea544b0128c73e54acdcb9f6c 10585 roundcube_1.4.13+dfsg.1-1~deb11u1_amd64.buildinfo Files: 221eaeeee4e297e825e51976158e5c1f 3273 web optional roundcube_1.4.13+dfsg.1-1~deb11u1.dsc f1e4cb20568ae981fcf088cf602c4821 128964 web optional roundcube_1.4.13+dfsg.1.orig-tinymce-langs.tar.xz 6f7b4451383ef251b0aede3eccb80379 889088 web optional roundcube_1.4.13+dfsg.1.orig-tinymce.tar.xz f2c106af7479b7cf53728b7aa8f0fb63 2976244 web optional roundcube_1.4.13+dfsg.1.orig.tar.xz 78581f687ec2c8521958d62af1e0f091 91040 web optional roundcube_1.4.13+dfsg.1-1~deb11u1.debian.tar.xz 5cc509f38defa71e9017413d906c6418 10585 web optional roundcube_1.4.13+dfsg.1-1~deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmHWuOQACgkQ05pJnDwh pVJDUg//SJm4KXHm1NW9vyT6cXIfg962QSpPy4w6KJsbZQBM/lzwAdlNIvh2vC4Z dfzyqQ82tWco1+kI47HkHAypp1Mr/Txpax1vacKWSRMPSfnijwoRDBFzPiKROBJH djovaubXmXIKBJm4XohyxFRI15re6SuPBT52BGoLwFUG/1zphEFo9dUv+H1pCmEJ ZTMQ/QsGwaGKw4tMAz4RySUMF9+nhg5Yc0z8W3sIb2xy2qrbcETt5RoXxcLpFWTA DCRlGN2/9SFUZNLGUj2MkEFQ1xybR9HgfLrwlNLjtAmTJqBLjUyWKMGxLFOcqqdj 941VI/d5DiIJA8eYFJS4xC+BaVJudRCLf8f17MKCDNmv5MscLq0HzviUqU9RYo/f ThlefKgFjSEA8mhCEPxHU4lFabNN89hkCVD+tukfRGBzsQualL7zDksBpPJHybmK QZ5dckl/+esk9Dgh43p4gVQ0FDlxk+6zBtLxIyz+nDo7+P3YX5SUNb1dAgTYNKLQ QBSiG8ybTq5LvGLhqJo0ENUqEjahBlBKa7DmbmxV2+yCarNQlY8AavzrUy9uZiRz 0ozvvemPSzHlDLz5AknoXt4J9ePxvRT+cfdLEyMBGCLKb2f2Xjtk0ulpsJWXQ3hN pqnrZ3ndRS2oRGi5oC8/uQTEIylbYfzAdJ1ZfizvzGn4/6hd/jY= =24J0 -----END PGP SIGNATURE-----