-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 16 Oct 2023 20:02:40 +0200 Source: roundcube Architecture: source Version: 1.6.4+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1053709 1054079 Changes: roundcube (1.6.4+dfsg-1) unstable; urgency=high . * New upstream security and bugfix release: + Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages. (Closes: #1054079) + Managesieve plugin: Fix javascript error when relational or spamtest extension is not enabled. + Fix PHP8 warnings. * Add DEP-8 test to check RCMAIL_VERSION against d/changelog. * roundcube-core.postinst: Don't choke on non-existing symlink targets. (Closes: #1053709) Checksums-Sha1: f510193b40bddf74f487677dbaa0fd1557c09fdc 3801 roundcube_1.6.4+dfsg-1.dsc 49a41f382aaf74673bd5dc649d3cbe8d67ace5ca 220736 roundcube_1.6.4+dfsg.orig-tinymce-langs.tar.xz 32758ee3f2b186460c2e8f1cd87aa8ee22c6bc44 1858152 roundcube_1.6.4+dfsg.orig-tinymce.tar.xz 6b100df31c0cb2d0e296386c871a59bde179846b 2784448 roundcube_1.6.4+dfsg.orig.tar.xz 510673f4a01b6edc45d3e7dae342ffea558400d5 105368 roundcube_1.6.4+dfsg-1.debian.tar.xz c5d075dae6d4be1e5ad40d182ea3c28d8b9e5773 13600 roundcube_1.6.4+dfsg-1_amd64.buildinfo Checksums-Sha256: cf926617fd976cd63eec4ade40bc077cd0276a9f66dc614e4471e69390f47b2d 3801 roundcube_1.6.4+dfsg-1.dsc 3d7bf2bba2010c171319a76a266b671e01d5c7bff3e200fe9d966bf915932dbe 220736 roundcube_1.6.4+dfsg.orig-tinymce-langs.tar.xz d347dcebc705fd65214c08cdb02367e39bef9e3eba41c0affe84bc42ccec8aa9 1858152 roundcube_1.6.4+dfsg.orig-tinymce.tar.xz ea4e8fb414edd0961aa69d4ffba03d4981a4fad62580d88989f71489d11f3a1e 2784448 roundcube_1.6.4+dfsg.orig.tar.xz 27addc955d2b1d5760f54a91b83805b525a81eaf2f89a1afbaa14fcaf4aee2ea 105368 roundcube_1.6.4+dfsg-1.debian.tar.xz e1880481d8452a2072271dbfb14ae930759fc720c8dd6a37a35bd2d153591717 13600 roundcube_1.6.4+dfsg-1_amd64.buildinfo Files: f51e5fdfeacc018f61324026a90a8023 3801 web optional roundcube_1.6.4+dfsg-1.dsc b8e238bb13d3f2c9e3052bf77ab32dde 220736 web optional roundcube_1.6.4+dfsg.orig-tinymce-langs.tar.xz e5a66bf48031beb980234a0d27d77fdf 1858152 web optional roundcube_1.6.4+dfsg.orig-tinymce.tar.xz 36dc8f64d4e01669457ca1ac400ffaa3 2784448 web optional roundcube_1.6.4+dfsg.orig.tar.xz 8acc4c83b9e2795ab7e7970b47b43ca0 105368 web optional roundcube_1.6.4+dfsg-1.debian.tar.xz 8cb9541c5feb8c0a00b3640f8f9b1d9d 13600 web optional roundcube_1.6.4+dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmUtgW0ACgkQ05pJnDwh pVL3ag//RclksWDRkF9dukva9YAKnc/Xnyt2QWx8BGOmuQj77103lafWIvNTgYKl SR/eouLhAIpKjDdS0UVM5z3m2CvHGvOi2FKKSaJfgZtPTkeKnk0YHRIa7wRZUVJU qTO6qNnFgJ+lsuINbJcHp1xCxZel11FBygaTYdy0LSnDK8p/5SiWzCTLrtvaQmrF wZ8557cy2adCqTlNjuujtrX9GyUEwFkAmo/H9dYEq19SNpVlSfTTO2tsET9jxhJY /VoeNLlkLphrf2cmO569iaCHbnBAuSMfZrBnWgKwGQXVjgdwAugdUNQoR49ty8II k84nhQMQH2g7+geDqV2/uL3k7dDGhRZDyABuzgWK6PxMieS2gZ2pDDZdBT9yHXyb KiWEixyEm6JvBTA3spcVInq5qDFwFmJThBjVXAhpclK2vIGhR8HpxXMr7NaqRKnq OOrL5/gCF5madijCcV/2tzciPMQOugG6r+kPhbB7l+DplYiyacWStNMjLhtzCVWW Uyp7yZELbYbLlLhrdYq8voxC8S/biA16730g+eJuDjoSZ7b0510+TLNPZli3x1fV ZF0ZdvP8WBIV7KC6/SP76sdBpygLd82vdyed6rQPsVAJ/h7BICDOztScIIgzy6FZ tBHFt1d9qHOGZHWRgTn9eVMJMNyYMki+MVwQnxqobw4a2Rd/wKM= =c24g -----END PGP SIGNATURE-----
