-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 14 Mar 2017 11:43:18 +0100 Source: roundcube Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql roundcube-sqlite3 roundcube-plugins Architecture: source all Version: 1.2.3+dfsg.1-3 Distribution: unstable Urgency: high Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org> Changed-By: Guilhem Moulin <guilhem@guilhem.org> Description: roundcube - skinnable AJAX based webmail solution for IMAP servers - metapack roundcube-core - skinnable AJAX based webmail solution for IMAP servers roundcube-mysql - metapackage providing MySQL dependencies for RoundCube roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube roundcube-plugins - skinnable AJAX based webmail solution for IMAP servers - plugins roundcube-sqlite3 - metapackage providing SQLite dependencies for RoundCube Closes: 857473 Changes: roundcube (1.2.3+dfsg.1-3) unstable; urgency=high . * Backport fix for CVE-2015-5381: rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element. (Closes: #857473). In 1.2.3+dfsg.1-2 the patch wasn't added to debian/patches/series. Checksums-Sha1: 6a17fb5886012e6c2479304a285b6abc77db2715 2470 roundcube_1.2.3+dfsg.1-3.dsc 7bc35f29df51cf94403cec58d3ff42bea9756361 4441880 roundcube_1.2.3+dfsg.1-3.debian.tar.xz 67d4a79d4ce15bdceefcd4ae0ffb7c554fcbf1a9 2111782 roundcube-core_1.2.3+dfsg.1-3_all.deb e8be68927db4660112d32897d34353a725704571 70638 roundcube-mysql_1.2.3+dfsg.1-3_all.deb 5cc70c57e42867ba3a786523af9fba478fbfa90f 70608 roundcube-pgsql_1.2.3+dfsg.1-3_all.deb 27b6f89d20aee3cc715803fa15deca3422dc5f98 661502 roundcube-plugins_1.2.3+dfsg.1-3_all.deb db47556bb910a673dc03096b66ff34c26d181132 70588 roundcube-sqlite3_1.2.3+dfsg.1-3_all.deb 0f1ace58250a5c3f011b5f82d92c1574ce2dbeac 1374 roundcube_1.2.3+dfsg.1-3_all.deb 38a27ce90b0e89e9dd045caeb48332650acf6dbd 8972 roundcube_1.2.3+dfsg.1-3_amd64.buildinfo Checksums-Sha256: 8c69da8595b8b2cc27bd3d7f5e87c5f8ec665949cb62f00949c57f29c7af5baa 2470 roundcube_1.2.3+dfsg.1-3.dsc 1e2c721a117c9f46ee04d71d9121c5020ea94f466f820e2ce3dd95f0f011dda1 4441880 roundcube_1.2.3+dfsg.1-3.debian.tar.xz 46a0aa15e8f3c9339c333431d94a0ebe29e73afde0ba424fff10a6c191b3f070 2111782 roundcube-core_1.2.3+dfsg.1-3_all.deb fd3c2e67eaa6cf9e2a56dbdfd87f3aaf469cc1bb578b3d2bba2f32ee208f5abd 70638 roundcube-mysql_1.2.3+dfsg.1-3_all.deb bf1d55aa4d465c0eceb03d0e3166fa83d1ef762deee1b84282eda27d3a603ec1 70608 roundcube-pgsql_1.2.3+dfsg.1-3_all.deb dba5e7e4dce8df8233e59885e2008e361388c224a5d9fa6ed7a8ef0bddac5bfa 661502 roundcube-plugins_1.2.3+dfsg.1-3_all.deb 64eb9166752a5c41278c29f41c5d52e680fc340de7990ef3b8d898b8c0f354ff 70588 roundcube-sqlite3_1.2.3+dfsg.1-3_all.deb 93d7047c6e215a2d5bd3b1694cd00be50a8f1bb2e2ee8a75158afd51e9b28ae2 1374 roundcube_1.2.3+dfsg.1-3_all.deb d16b5c4f18a77b4063537b97b94a20a3dbf1533d03412130425ab82446a83fa0 8972 roundcube_1.2.3+dfsg.1-3_amd64.buildinfo Files: b5ce77900aee1fec5dba88d1f21d63d8 2470 web extra roundcube_1.2.3+dfsg.1-3.dsc 070adaefcf4754853bf2ecb961f08090 4441880 web extra roundcube_1.2.3+dfsg.1-3.debian.tar.xz 0cfaff5f4bcbfadfa4512203e19d40a4 2111782 web extra roundcube-core_1.2.3+dfsg.1-3_all.deb ed5671fc288459a176d86f82e6b209b1 70638 web extra roundcube-mysql_1.2.3+dfsg.1-3_all.deb f605dca57854da39d738a0ec9206c6d3 70608 web extra roundcube-pgsql_1.2.3+dfsg.1-3_all.deb cba3988ea6f5b166e4bfff302c0dcc39 661502 web extra roundcube-plugins_1.2.3+dfsg.1-3_all.deb 7ba6b6e4e9de029382c05be5cd4ab8df 70588 web extra roundcube-sqlite3_1.2.3+dfsg.1-3_all.deb 6bc265b9d59d4c987a7349bca9029a02 1374 web extra roundcube_1.2.3+dfsg.1-3_all.deb ad1814ecba700ab00beb6416d4efeb08 8972 web extra roundcube_1.2.3+dfsg.1-3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEErvI0h2bzccaJpzYAlaQv6DU1JfkFAljH3XgQHGJlcm5hdEBs dWZmeS5jeAAKCRCVpC/oNTUl+d9dD/9u+6X/mgoiUOCH+IyKdFFe3xi35R5VGHsB 1wBFVxWWB6MJRxkiCRVCd8CRFeVM2WAlPW1dVpyX/RvVhlDttHnqEZwc7VGumkd7 zjdcOhZ4ciJaoSAqw7ZLgUQ4S+DhUMg881tQZ1ZYV6qYlyZ7pi1hxKubsPuCF9Cf aH9ajGKecxMXimydJJdFZVMYg6WrYOzbCGm+VbpH7/hFA+7BqnbjENfGioy/Sy9/ OGzs4+FMZ+pMM/bbOiWOi6FcCQEWx4uXvzZApK3jKqAnA/hDy6Xg1rPhRYsjoe3D hJTF5AmBmB1ydL1Uf6paPASw8YAmHSt/K1Tt1ev/oLGnjwMiPNL8aeM0qKv1dPrk JaGmCBsFF1uO8vq7kw2HbRm28BoFDnnsGxUP7GtutJb+SqOXtMklv+eoe3fLkKmR u8JK95O3j5Uju2FkuhyKC6xniMHhjnvcr2gseoDzUEoVFE7MM+BJ1dHt7/8cHmNu 9znCP7q8zW0tEf7wlEF6Icdomai5BGPyAjJdtjAmcIuFgV75/z0g4La5i/+orD6G 8OK5Sa1051xBQqSuTy7jllu3kKvA9Ea79kGfLSSScxwdZlrHlAcRiuWGOb5v4lQJ 9lv5vLUeqxy/y+pehXmePbMos72U0+mBzt2rEDVHJK3iNlT4F2/euVoFEupnR8rS IARNVX7j/w== =IXy3 -----END PGP SIGNATURE-----
