-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 04 Apr 2016 15:55:10 +0200 Source: roundcube Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql roundcube-plugins Architecture: source all Version: 0.7.2-9+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: roundcube - skinnable AJAX based webmail solution for IMAP servers - metapack roundcube-core - skinnable AJAX based webmail solution for IMAP servers roundcube-mysql - metapackage providing MySQL dependencies for RoundCube roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube roundcube-plugins - skinnable AJAX based webmail solution for IMAP servers - plugins Changes: roundcube (0.7.2-9+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload. * Add CVE-2015-8770.patch. Fix directory traversal vulnerability in the set_skin function in program/include/rcube_template.php that allowed remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code. Checksums-Sha1: d687fdff2c2b5277c0117ab40c0e6bd426272b8e 2360 roundcube_0.7.2-9+deb7u2.dsc 5bebf7030f3eea25d8ee4784187a1585a24efeaf 54809 roundcube_0.7.2-9+deb7u2.debian.tar.gz 32c86c0ce4c51291c0fa6e58f7ee5a310624fb55 1032910 roundcube-core_0.7.2-9+deb7u2_all.deb 6d90f3887b826d9d8e966149f14b79bbfb9c73f6 27790 roundcube_0.7.2-9+deb7u2_all.deb 29b33716e72286dd7f2188289863431de0436110 27726 roundcube-mysql_0.7.2-9+deb7u2_all.deb 7e24681dfc1cc15cbf44d39f0788920471c149e7 27730 roundcube-pgsql_0.7.2-9+deb7u2_all.deb 13d3cb6a85fd0e75d7551ba7a829a9fc22ed3df1 321988 roundcube-plugins_0.7.2-9+deb7u2_all.deb Checksums-Sha256: 927ef30bdb01abc2e4b8555bec41020b1b68ac0474750bb65e8d7b44e7c99934 2360 roundcube_0.7.2-9+deb7u2.dsc 352c682c9e099f39939e29700327d5cc2dcdd43f56e003343e01f627f652ceda 54809 roundcube_0.7.2-9+deb7u2.debian.tar.gz 6af179fd42e2bf2e7d2046e1d83b00a7f884b8bbd1210b11bb8286ede9c3d5a1 1032910 roundcube-core_0.7.2-9+deb7u2_all.deb fdb344109bd1c6b77199069b5c5418d848fb07af0cf844f83a9e0ac75ce778dd 27790 roundcube_0.7.2-9+deb7u2_all.deb 31e0631fc469c4e2b34cb7592fc1c3a35da3f517a71de4ec86bac0d735b7b96e 27726 roundcube-mysql_0.7.2-9+deb7u2_all.deb 157525d1f9fc018d9070222065437b8fcbe357175a04e588464ed13b02b32f93 27730 roundcube-pgsql_0.7.2-9+deb7u2_all.deb 77e605a4431360243b5de15f8b23e3805977a75d10d5789d95b3ce264d293b6d 321988 roundcube-plugins_0.7.2-9+deb7u2_all.deb Files: 3a340d8078c5dc3582f6c07e151fc141 2360 web extra roundcube_0.7.2-9+deb7u2.dsc 9f6df8c7ce81f56ad49a0c7b511cad49 54809 web extra roundcube_0.7.2-9+deb7u2.debian.tar.gz f06fa300c8dc6a3ac953e817a5648e13 1032910 web extra roundcube-core_0.7.2-9+deb7u2_all.deb c400e2a47601d4a27fed8b16fbf43ee5 27790 web extra roundcube_0.7.2-9+deb7u2_all.deb c1809e86641fef88be375cff877d0022 27726 web extra roundcube-mysql_0.7.2-9+deb7u2_all.deb 72889068cd3f6615eadc5778874d1cb3 27730 web extra roundcube-pgsql_0.7.2-9+deb7u2_all.deb 9e328f0d638d79002d24cfdea0f3d4b1 321988 web extra roundcube-plugins_0.7.2-9+deb7u2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXAndEXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hkzz8QAK8XpfTuBy2NioWSDADIhNNw amFIyxrE6eBGYZAXIDTXh9qVMN8um5bjM92J6qyCCS6a6LZK404iRZleleJKno73 dbQEKcRr/yj9avaUK028PPufs7k6rARTv59PsHNjeIoau84HdiRujipfkBMvX1Oz ys1ksPvUHtQ3AheGkUg2Lx1GiEFcpoZkFQpfV1Csru2BMh0j1I1KBu0Cs9N8Vo2A /F6nDxkWjcdTB/MDSQgBuiNgz1mlbNyyQh9MrBCtN+zAyPhH2raILJh9CWWXw0ZF qnnP1BKSWy9mhRW+XA2LuE1QzNRdn0ZuN0wNJGwpS97whe/IpolkgzCNcu/4AnuG m5601CY555P7znf6qUKYRYN3ifI+Ygs+B7B1HHuc0HHUvLtL4F9IatAVEQi/GsWB Uuppfi3ab8B9tR1sS97AOOwNWGNJ0S3rsYQSmUbqfJwrt03WhiGU6k3JA55UMJl5 2lrKQbvzZ9qGroBZ8R/dn2iTKZgeLtKur2q8BykgaY//vQxpzb+pPwqVElr1q+7C Y16DwPt+PF/eOcP2APb6KQUYedpr/KH3iMCLDmWG1LADMurtGqFoRWveeXwV4IKY hFb1ByK96JBn9+/ENrSBv8oHeTI50hrHTTa/PrGNTQ56giCVniRXvzgvtKRSjTHG N8vE5VZUVFUQH8eNSPLP =Wk0X -----END PGP SIGNATURE-----
