-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 26 Oct 2013 00:24:14 +0200 Source: roundcube Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql roundcube-plugins Architecture: source all Version: 0.7.2-9+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: roundcube - skinnable AJAX based webmail solution for IMAP servers - metapack roundcube-core - skinnable AJAX based webmail solution for IMAP servers roundcube-mysql - metapackage providing MySQL dependencies for RoundCube roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube roundcube-plugins - skinnable AJAX based webmail solution for IMAP servers - plugins Closes: 727668 Changes: roundcube (0.7.2-9+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add CVE-2013-6172.patch patch. CVE-2013-6172: An attacker can overwrite configuration settings using user preferences. This can result in random file access, manipulated SQL queries and even code execution. (Closes: #727668) Checksums-Sha1: 5617671afaaf2f81395fffece9d78ee8179ec86b 2247 roundcube_0.7.2-9+deb7u1.dsc 81f3e5057c7bd2175318cfc261615c032afa4235 2197455 roundcube_0.7.2.orig.tar.gz 75bffb477d3c327ff2b769af1ddeae0e94972132 54657 roundcube_0.7.2-9+deb7u1.debian.tar.gz 5a65e945ae621dd9d2710460e1910946edcccd85 1028892 roundcube-core_0.7.2-9+deb7u1_all.deb e7210c52a03a61984da73a2bb2bee24a261a63e6 27766 roundcube_0.7.2-9+deb7u1_all.deb 4b96fca81b10c3cc3b7689bea4f6e27926f2b187 27700 roundcube-mysql_0.7.2-9+deb7u1_all.deb 92416f0d0fa1adc482bdf37349cba3ae40203b11 27700 roundcube-pgsql_0.7.2-9+deb7u1_all.deb 1478c97e6536775fa7d0fe5463a3173063976626 320664 roundcube-plugins_0.7.2-9+deb7u1_all.deb Checksums-Sha256: db2050a301ada0d14eda38374aeace0e7975b058738a3a72c5c374c0b4896e3c 2247 roundcube_0.7.2-9+deb7u1.dsc e14955243b5c31317c3cfd568579399819aefa659e051735b67fceda784331e2 2197455 roundcube_0.7.2.orig.tar.gz 71923e4d0d8cc01e61da7e08b02fe297016ea7d6e7e64eda385365a352829b81 54657 roundcube_0.7.2-9+deb7u1.debian.tar.gz 53ae945a0bbf606dcf6d1b5579deaf951cc303e37bfd77d1bb85861db2fb7299 1028892 roundcube-core_0.7.2-9+deb7u1_all.deb 44dd851e9358dab6ed2645f8619343fb23be690feeed285dfe8f516d823263a7 27766 roundcube_0.7.2-9+deb7u1_all.deb f2613edfa37d1222bbfe9010ca0f0e90cc4f17c9d2e3e8fff998d7e097677a53 27700 roundcube-mysql_0.7.2-9+deb7u1_all.deb c1b5dd30c33bbe2ba29ffa177230d30514bed6d384dce82839cf5d1fe0a1fd3f 27700 roundcube-pgsql_0.7.2-9+deb7u1_all.deb ef16f3042b223a4fb1ee8dbc46bccd33fd607c57a2d177ab86fc7ef6058d92e3 320664 roundcube-plugins_0.7.2-9+deb7u1_all.deb Files: 7de50b5c41e34ed054947e4aece924fb 2247 web extra roundcube_0.7.2-9+deb7u1.dsc 2b77fe823de00a7ebd85b8919e40d78d 2197455 web extra roundcube_0.7.2.orig.tar.gz 003c1a0eeaadc689b20d7866fdca6f35 54657 web extra roundcube_0.7.2-9+deb7u1.debian.tar.gz 908c7df5904ff62502ce66c51cc58a3b 1028892 web extra roundcube-core_0.7.2-9+deb7u1_all.deb 8f651e4838128fec40ce611a306ac629 27766 web extra roundcube_0.7.2-9+deb7u1_all.deb ba44fbd834798781560b4fd1b96ce79b 27700 web extra roundcube-mysql_0.7.2-9+deb7u1_all.deb 3fda7c3c7205d9645638f78346911498 27700 web extra roundcube-pgsql_0.7.2-9+deb7u1_all.deb 9f3c8f5247ffd69da5863c28092c890a 320664 web extra roundcube-plugins_0.7.2-9+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBCgAGBQJSbEMEAAoJEAVMuPMTQ89EFWEP/3+45MsM5RvrKLc6WU9PqfHQ A2uJWcakSZNdfOKioo00aY7d0bTp/uxbNR37khZfwkqzJCS9nc2NyyG/UMFj6TkE iaJmN40Nw9e04yylKJX/OLbldsJd5O/wGfrYCKLzvY+vYoFh7mSr3QeP/saAXpFJ p4T49iIxULsNp0D8dNJ1QwpwnLsiCj4uD66BJ1VNBfOQkEjGID69Zjc1RZR7V0DK z/wIshZ+6LP+YylG/2XFuMyv232vc34HEfZFXh6dgwt4f3XBz7DLTTBfUzFGiadX ok/QjnjITtX6HFdI5Zyi56EU+mnbmW+CZIgowP/RUV5trX2OD8/mX+8Mgcx/trPb RXj+ZOPWAvzSmyjOENjQcHhT39Oa/dbjWy8ViWWGLnAV67Djl00V5cNYihyG4pw5 +f6WUdZsUYBXtjtDUggXzaNhbkCI60zdaMwujMjyjAUoviIoMVM8J3ynkm7v92qJ a9dS92njxMA0ufffQnE1lay3JvaZ7bRluJVDvAFBLKxCkT0hZqOR4G4/ZgJXs/FQ qxPxmXfp95qxXXqn7/1aWsjdTKokEQD+oodduIDVBxrRZZaK+y9Re+lq6yCY4+iy hW5ynPGm9SjE8Ee+gAp7G4cTLDSFXrXqZKEebxZmdnsQTNuyKVUvatH4taupX39w oomEkKSO9Nzo4VAwAhTS =4SIn -----END PGP SIGNATURE-----
