-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 18 Oct 2023 23:40:57 +0200 Source: roundcube Architecture: source Version: 1.4.15+dfsg.1-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1054079 Changes: roundcube (1.4.15+dfsg.1-1~deb11u1) bullseye-security; urgency=high . * New security/bugfix upstream release: + Fix CVE-2023-5631: Cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages. (Closes: #1054079) * Salsa CI: Disable lintian and reprotest jobs. * Refresh patches. Checksums-Sha1: 7a00843c75c8bbbee2625d3fa571bfcf2accfa91 3273 roundcube_1.4.15+dfsg.1-1~deb11u1.dsc fb0b5deacca5863d37a0b10c3771f27c91d4545e 128840 roundcube_1.4.15+dfsg.1.orig-tinymce-langs.tar.xz a53c61b8ec041aa5a15be0da438a990a34acc072 889052 roundcube_1.4.15+dfsg.1.orig-tinymce.tar.xz a3591df13cae970b04c53651221f316ba521c473 2976560 roundcube_1.4.15+dfsg.1.orig.tar.xz 3f9db1cb9d5a73d3f27c84c4bef04c988e297fe4 95980 roundcube_1.4.15+dfsg.1-1~deb11u1.debian.tar.xz 1e4ded25fb55afea0120b6ccb4088da34f10513b 10829 roundcube_1.4.15+dfsg.1-1~deb11u1_amd64.buildinfo Checksums-Sha256: 169da28484e7a82978623b5311751389c07c5eebdadd1c223dbf917bf9f5add6 3273 roundcube_1.4.15+dfsg.1-1~deb11u1.dsc d1806e62b75b5e2c8bbbce987abd3eae874f205dd560ad8f6f02a2171c8cf23a 128840 roundcube_1.4.15+dfsg.1.orig-tinymce-langs.tar.xz b61678512254fc2af25a42ac689ac6df69bdf6d15d7aea6e9001c8868653ee74 889052 roundcube_1.4.15+dfsg.1.orig-tinymce.tar.xz f56e664cddb698cf0eeefb1a34dd495ce0e6d29643b2e2ec0ae5cb9c6342882f 2976560 roundcube_1.4.15+dfsg.1.orig.tar.xz d1d52e5fe6148f6a111a1295b563f885cf0f4fdba76b18a61386b3fd4c6c049f 95980 roundcube_1.4.15+dfsg.1-1~deb11u1.debian.tar.xz 44471f38e9fe60562eda90c035142d4b51c96612e3ae1c34fb74130b97ea36fc 10829 roundcube_1.4.15+dfsg.1-1~deb11u1_amd64.buildinfo Files: ab265a425abdd16b06d8250177823da2 3273 web optional roundcube_1.4.15+dfsg.1-1~deb11u1.dsc 450c693c68d2642b15356d06255a0d4c 128840 web optional roundcube_1.4.15+dfsg.1.orig-tinymce-langs.tar.xz 5b440fff53353d7c0ad73292c1cfe6e2 889052 web optional roundcube_1.4.15+dfsg.1.orig-tinymce.tar.xz e98d3d252094ea231c3b02a3ff39471a 2976560 web optional roundcube_1.4.15+dfsg.1.orig.tar.xz 6b8e6b8616571d0365ba50f411b35999 95980 web optional roundcube_1.4.15+dfsg.1-1~deb11u1.debian.tar.xz bef11cc961770f68a6d15940dd7db83c 10829 web optional roundcube_1.4.15+dfsg.1-1~deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmUwXLYACgkQ05pJnDwh pVJnLA//Uez2y79uF6j0mDjQsiiHsWpWTzr3vdUECA95SGkwBz92kynn5p8eKVM8 Qqvn3ecDH4xJ4Rn6o1fEBQ1IX7fCx7lkIChCyTqn1TLK7v8xfhBxvVfXSvx+JDb5 SIEzmF2KMZdoWHM7PcJd7Bz8Ob6sL6jhR/rJOEBMBSiqC1FpcEfatjrsWvcE4T47 ThkUCLnfd5MxuF2UrqXPU6eo8SKzXt5dtBkMf8cV2FNGnTZcqumAsuE6y3l/qOQ7 ktKXvpxOyX9s5/VUb4z6cRED5g4Tg8lKl0tp2O+ghFV8oZobhXwr2EQmyQe+iEyA ILXQfaZouPh246W7dWkmcZojbKxkBdJQ7KHF10QtQpYYDZ9wYbXqwNcnbOV1A1td y7NRkNKzSklfE+IVdQ9rlKSBlK2cglH8WxZIP5xNoBSTnPzVk/ljca/3+4LHaIGy n9OwC3F5ylxAb2ievDziJi9jwQvdIDlC22mzU4YUqDgJngQvBtnPmyEtUfB8x03U nVL0Dt6XI/6tC3bk++DE27uQV/meh+pIS4+Vbl95F8zaET6xkLlbu1N+bUUVxRyU adNNTGPbR6+vOFz0sBMrOVJxVar+MuMKyNeD1/xsZwoyCbLdsOnBQNCFInjBpTA7 wOwMCAtoLn1AmhD4TelQsp+8tUji51tyN+ykIE8HOZ+JLl+k70g= =D4Ii -----END PGP SIGNATURE-----
