Debian Package Tracker

From: <dak@security.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted roundcube 0.7.2-9+deb7u3 (source all) into oldstable
Date: Thu, 30 Jun 2016 20:40:14 +0000
Signed by: Markus Koschany <apo@gambaru.de>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 28 Jun 2016 20:26:58 +0200
Source: roundcube
Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql roundcube-plugins
Architecture: source all
Version: 0.7.2-9+deb7u3
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 roundcube  - skinnable AJAX based webmail solution for IMAP servers - metapack
 roundcube-core - skinnable AJAX based webmail solution for IMAP servers
 roundcube-mysql - metapackage providing MySQL dependencies for RoundCube
 roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube
 roundcube-plugins - skinnable AJAX based webmail solution for IMAP servers - plugins
Changes: 
 roundcube (0.7.2-9+deb7u3) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2015-8864:
     XSS vulnerability in SVG images handling.
     When right-clicking on the download link of an attached image, it was
     possible that embedded Javascript could be executed in a separate Tab.
     The update disables displaying of SVG images in e-mails and TABS.
   * This security update also mitigates against other ways to exploit this
     issue in SVG images. (CVE-2016-4068)
Checksums-Sha1: 
 39df88b27d63f9ee1c9ad88d5103d98a867175f9 2360 roundcube_0.7.2-9+deb7u3.dsc
 606d6a840fd3ff80d743235fa09e90c013055f7e 56025 roundcube_0.7.2-9+deb7u3.debian.tar.gz
 a04b025901ba3b64c14b8060e47b0d689b4dd89b 1032902 roundcube-core_0.7.2-9+deb7u3_all.deb
 517ee912d0de3a816f66c1155346dd6509da511f 27442 roundcube_0.7.2-9+deb7u3_all.deb
 721c0c2e9567a8e5e256e046948c52959f87af25 27386 roundcube-mysql_0.7.2-9+deb7u3_all.deb
 908f4c43ceda8fab8b8312d93c9e32fe78eea0ac 27386 roundcube-pgsql_0.7.2-9+deb7u3_all.deb
 2c0e5b5f9095817bc7e13a1523f1f01a36cc00a1 321756 roundcube-plugins_0.7.2-9+deb7u3_all.deb
Checksums-Sha256: 
 6863689dbf7c79bbbbcfeaa22f38d2a2002623b0157c3babf558175bd312e45b 2360 roundcube_0.7.2-9+deb7u3.dsc
 2429f407541cec8eea1ecb3f1b4fab13ca2dfe5231e51b5b4d37da78f2d854fa 56025 roundcube_0.7.2-9+deb7u3.debian.tar.gz
 2696c3465ec9050977429a7a9c87f07090cd55062293b8c0c2893977eaeb3f38 1032902 roundcube-core_0.7.2-9+deb7u3_all.deb
 062692094cf6d88bb18d0d5da71a979beadd7004e1990122db51fbe8952996c2 27442 roundcube_0.7.2-9+deb7u3_all.deb
 76c034499b9c3567e30528b2be454beb7440837242fd95b0151fa73454ffb786 27386 roundcube-mysql_0.7.2-9+deb7u3_all.deb
 6f0b0f33c8dad1959b08afdb6f0fe5904d45764552872536e38242d9229fd292 27386 roundcube-pgsql_0.7.2-9+deb7u3_all.deb
 ef27a0df82d38c6a36ecea9d58f5934de42da7ffe72846024f6bb30d1439dcdb 321756 roundcube-plugins_0.7.2-9+deb7u3_all.deb
Files: 
 dee0723b69d10a77506be09842771cf2 2360 web extra roundcube_0.7.2-9+deb7u3.dsc
 5650075155027b1720cb251c81986c36 56025 web extra roundcube_0.7.2-9+deb7u3.debian.tar.gz
 3b67e4257ca5a458640a1ff78250a769 1032902 web extra roundcube-core_0.7.2-9+deb7u3_all.deb
 faae0b211420441c08d625442fc098eb 27442 web extra roundcube_0.7.2-9+deb7u3_all.deb
 f86b80c9b582c5bdacca921c0cddddd7 27386 web extra roundcube-mysql_0.7.2-9+deb7u3_all.deb
 e8820d0a061f5ea4fe05d8fc70f54731 27386 web extra roundcube-pgsql_0.7.2-9+deb7u3_all.deb
 b0ea71d094af20c93b83e3b2379c4f1f 321756 web extra roundcube-plugins_0.7.2-9+deb7u3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJXdYCPXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkqGUP/j5yL+sDaU4UKl9od1w29cXy
53rb4KtEN7rFb7vaZALURa4y4YsNEfNLHnbriY9L3xwm2cCi4EkkV2MJPxzWHbMm
N2b5zkq76gn8YMf4t3k5RPrXPUE9TXySGtJQdSD4EFlFw3CBXwLASJ8VHPEOhFQU
USRGOUWFCafeCJvKncKJsR/HwCi5HyYSJsXuLTuyiJpuGJhMxWM5+BbMiAsqTnl8
r3Hl8zaIGlfhUiOiUScuxZUM5UODJFBM9Mqfb/9SRoHVLWOV6gCGgUG6M4+WqLq7
mZtED0ovUtoErrR5eKQKpZfZtvvt4fQBi6l47MDRsKU6OfJ3g5cC4HXU2CXkvFaQ
+3VOD8sZrPNWpQs2GSjDqgkGuh2pCqDAQL8xQVdfZi0Runq7yOjwmsFADAvqT6DW
zP+u0+wlYqUTNiMNtFBeV4q+oA+geHktxe8p6B5zG9TAiic88FycCc1jQDd4hoiJ
2QqUqmFUkP5gR2B11Re6TpHKSKRGjZf1TdMw9nn6CvIo1NyvDLHcgdvCxCnK0N8W
BAZ3btOnTxQumicLdcDoju4GoPIJrBd9hDoaCLIEA/40CEI1JZkTHQOxD3SHxjJ2
4ttJlc6tzqesFPycQpuG07NBbLUePTsRbqM0tP3PIEv7qSiQ8tFYUqqxXBPwmDhG
RHJ+mTPF2UvIN2maGFTO
=0igM
-----END PGP SIGNATURE-----
News for package roundcube
