-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 14 Dec 2025 10:53:54 +0100 Source: roundcube Architecture: source Version: 1.6.12+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1122899 Changes: roundcube (1.6.12+dfsg-1) unstable; urgency=high . * New upstream security and bugfix release (closes: #1122899). + Fix Cross-Site-Scripting vulnerability via SVG's animate tag. + Fix Information Disclosure vulnerability in the HTML style sanitizer. * d/watch: + Port to Version 5. + Simplify [UD]version-Mangle. + Use @STABLE_VERSION@ not @ANY_VERSION@ as tag matching pattern. * Refresh d/patches. Checksums-Sha1: 7bf07da760509d21f29ec1b0cf0ea06cdb0a2554 3828 roundcube_1.6.12+dfsg-1.dsc b6102dd4c719acb400298aa6e1d8627ff194597f 126900 roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz 70ab9651d5bf0cc002731e762ed811b1c9b96211 1928404 roundcube_1.6.12+dfsg.orig-tinymce.tar.xz 003ff398e115137a54217df58bde53f42ef4479b 2791204 roundcube_1.6.12+dfsg.orig.tar.xz 8988b10779a2d79d75c88198e3afd2cc14b4d923 153636 roundcube_1.6.12+dfsg-1.debian.tar.xz f8d802b9eec5ff9dfe4fa824fc98da2b45f84357 6230 roundcube_1.6.12+dfsg-1_source.buildinfo Checksums-Sha256: 2ce2910f10d27165e09448c69eb86eb5aed3db911dcf31116cee6f7657a3cb7f 3828 roundcube_1.6.12+dfsg-1.dsc 488276066b6044d9aa7fed66559bed399cbcb9fac6a4d2ea63e0a7858ca9c46e 126900 roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz 9c9a759800812e9e658760c382707f04dab5f9d047bd77e693693e8a840eab7d 1928404 roundcube_1.6.12+dfsg.orig-tinymce.tar.xz 6ca741ee8b98f643b2038ac5415daa5836013d92c874b0bfcf81efa2f3229ca4 2791204 roundcube_1.6.12+dfsg.orig.tar.xz 646976e268b2284cc9e57b3ded6355d63e850c4c870d59f9dce2205ca48b716e 153636 roundcube_1.6.12+dfsg-1.debian.tar.xz cc061a9cd01dc43144a81809316bb9b98ceddd4124fd60e1a775a574593e4034 6230 roundcube_1.6.12+dfsg-1_source.buildinfo Files: 35d3234d80e20ac29be464ccdab56e68 3828 web optional roundcube_1.6.12+dfsg-1.dsc 66af8f1d0cbfa3b7e16e7d9350a964c5 126900 web optional roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz 50a2e20e6d8ec1abda11aa7d575e1f95 1928404 web optional roundcube_1.6.12+dfsg.orig-tinymce.tar.xz 8b305f7c4db83506df9deec4705866dd 2791204 web optional roundcube_1.6.12+dfsg.orig.tar.xz 17efea0b3dfd05de0fa22dd85c1b64b4 153636 web optional roundcube_1.6.12+dfsg-1.debian.tar.xz 07590e5be896e0d7ea723489723e3644 6230 web optional roundcube_1.6.12+dfsg-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmk+kJsACgkQ05pJnDwh pVJszBAAlZm9DCmjG9DPzCD+IhEGE8RCUVHi1x/eI3IMvz/JedByOzJJGFFYAPiN uA5uoOLmQ87KiiDwgbmmW82uEN8iN+I3CvJVwmJP3m2Z5Xe2bS5viUqEYcPHUfUx 4zzya5YriJhVx9nluel7A/8yuF8cdPWS2HfIPFeHHJIn/TDmo+h+onhAi+YVEmti L+fkAlFDtuEWMsrc1MoeLIxHcDbyHST7ET7xqNFtCzbITTlIGuUkA2BtJVsx+xY6 d5EgiVdnDuEefP6IR5jHVyGjK8ITIvif+P3tWh66A69hL3H+kXI4999DBtHOmY6H 9juVCyLdmRzEjOHYlOUvGZ3NFnVwBMFoPn7cUHo3lrIosx84FMJCrpfnE8oVZaB6 c+NApYxNXd4WaE8Clgop2kEsaENZZnHG5ZAbHPfBs925MwEQ7kYb+3D2GWdQPiV/ ToREh5RgwkMrhQ69VDKIQyvEreIOsvS95tJ5FIaUIRJ5r93vSPWXU7XQOSIduL0o oxBEd/B7//Q/hLBOiqkEhpp3RPYi6FQf2hEWj/CWbMlr+bUPopnVMCASIJOO0Qdg dlqDExmIhF9GCnbxcauw2Je7dUTbnOzqCdxT1woxeiMPrchNmO6vZBxY2bSMbjN1 d/YaO1vExHK9Qi0nf9EbzxziiuzUYxzBIA3M628vFGpCqQw94Lg= =9pz7 -----END PGP SIGNATURE-----
