-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 05 Nov 2023 18:15:48 +0100 Source: roundcube Architecture: source Version: 1.6.5+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1055421 Changes: roundcube (1.6.5+dfsg-1) unstable; urgency=high . * New upstream security and bugfix release: + Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download. (Closes: #1055421) + Fix PHP8 fatal error when parsing a malformed BODYSTRUCTURE. + Fix UI issue when dealing with an invalid managesieve_default_headers value. + Fix bug where images attached to application/smil messages weren't displayed. + Fix PHP8 warnings. + Fix regression where ‘smtp_user’ did not allow pre/post strings before/after ‘%u’ placeholder. * d/control: Drop 10 year old Breaks+Replaces constraints. * d/rules: Update to reflect upstream Makefile. * roundcube-plugins: Remove obsolete maintscript. * roundcube-core: Suggests some potentially useful roundcube-plugin-*. * Refresh d/patches. Checksums-Sha1: 33896387d73279f4225c15a585ca9532c41f0481 3801 roundcube_1.6.5+dfsg-1.dsc b49ae6e3e83dccf3d72cef09a2131e9af1b524fc 220732 roundcube_1.6.5+dfsg.orig-tinymce-langs.tar.xz 4d2c7d01645d775d9915b8eb3ac04f29bc5354c9 1858372 roundcube_1.6.5+dfsg.orig-tinymce.tar.xz aafc7b4208d011a285f33562027aabde61ee2fe0 2785184 roundcube_1.6.5+dfsg.orig.tar.xz ae701aeecbe69072f47302ad2e1ec8e5a49ad6ce 105600 roundcube_1.6.5+dfsg-1.debian.tar.xz 22a1538b77c7a4eef472aa77c84722df9528baa5 13634 roundcube_1.6.5+dfsg-1_amd64.buildinfo Checksums-Sha256: 887759b2ac63f57d9b6932282a244f3a78ff4ae5880f4699c13d0c1c5aa83141 3801 roundcube_1.6.5+dfsg-1.dsc ecb72327cf9e09e71cbc61631b9e3f6b3b5ed91efc83758cd6c05eeb7dad985a 220732 roundcube_1.6.5+dfsg.orig-tinymce-langs.tar.xz bca171899ccf6d07ccfd21843d251199ede59aadd6b84efe9be3af7c3e473aa4 1858372 roundcube_1.6.5+dfsg.orig-tinymce.tar.xz 9ed67e12705c656c7006f092ecdb9cfc3cd55946273bc0c0743e5c56921bc888 2785184 roundcube_1.6.5+dfsg.orig.tar.xz 28ccc9458d7c12f685e2f8b024f13b8194eadd4bae32b8de72156bc73087c7a1 105600 roundcube_1.6.5+dfsg-1.debian.tar.xz 86e4d6b8c2a78cfd2a512a5b08309cbe44ae50a13d0e3e4a5f8318247f6abd14 13634 roundcube_1.6.5+dfsg-1_amd64.buildinfo Files: e52799180e57d27af2ac3bcc16ccd4db 3801 web optional roundcube_1.6.5+dfsg-1.dsc 5edad424105c300bf5ce7ac7c49dc6d9 220732 web optional roundcube_1.6.5+dfsg.orig-tinymce-langs.tar.xz dc3d429e8b8d0c96e724816dd1affa3f 1858372 web optional roundcube_1.6.5+dfsg.orig-tinymce.tar.xz cd3be9b30e9f7639292da316ccddd730 2785184 web optional roundcube_1.6.5+dfsg.orig.tar.xz 811f5344bef7ff6c41bc4fc567d26517 105600 web optional roundcube_1.6.5+dfsg-1.debian.tar.xz 4af91b353e817c7f7856c92177d2c4b5 13634 web optional roundcube_1.6.5+dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmVH0rgACgkQ05pJnDwh pVKq3w/+MKKmNle3dt2B+i090mA5rTEW4O6XtDmi6kIcOdV8Bta2SLkYjD9Q/ivh tde1FlQGGQEZi70EEka+MOagOUVYe6YWNtafz8K8RlNIaNvmBxXJAx9B2pF0/RD9 Y33BgwtWxFDIpmZH6zTAdPsT8+5BCgr+DYlSP9Y405sym3ReDNiYPOyacYyr2uUJ Hva9BGsKLrR4WutAyZQ4nSG5j0F2wOKN27aAO1Wmswas598C4sd+/28+UzBqp+Z0 1HGgSnpavLYr8lW/ZOD2c2QS/M4VZCqtoczuhrzCeSxUmQlx0WrYGMOF7vn3cS1T n2ViflLgoVj387oKdM5Mok4AsD/FKISm3IqPRi1ljuvBVEi7iG5UVbzMlNbOB8Zc /4AODANPxn0k+zhGQqCfNOHHqZNu7WUbb028QcE6hiSUQg5ghAOAVPZZOElut3za yMwNfR0jXjVmqm8okf76H9BBbqp3OljXIV4WiUzfZIEEprPYh0wI+Zxz+alJ/cfL csVb+kJrRoQulkCSyZhNkOXer97QaMQMOcpZlMTogxxkzIALnhqOtbJTcmYCU4QW NuBV0zxQTQ1naglRnUs+9knXPVWwbMel1aXDEp79a0b1kJfAIQQjx3JD50Gu8Wli zXqx5I7/2X2x7azqP1/VCxHDtjfWAA+hx9nW2jUG+duGa7CLyZA= =jNFk -----END PGP SIGNATURE-----
