Register | Log in

roundcube

skinnable AJAX based webmail solution for IMAP servers - metapackage

Choose email to subscribe with

general

source: roundcube (main)
version: 1.4.10+dfsg.2-1
maintainer: Debian Roundcube Maintainers (archive) (DMD)
uploaders: Vincent Bernat [DMD] – Sandro Knauß [DMD] – Guilhem Moulin [DMD]
arch: all
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.2.3+dfsg.1-4+deb9u6
old-sec: 1.2.3+dfsg.1-4+deb9u8
stable: 1.3.15+dfsg.1-1~deb10u1
stable-sec: 1.3.16+dfsg.1-1~deb10u1
stable-bpo: 1.4.10+dfsg.1-1~bpo10+1
stable-p-u: 1.3.16+dfsg.1-1~deb10u1
testing: 1.4.10+dfsg.1-1
unstable: 1.4.10+dfsg.2-1

versioned links

1.2.3+dfsg.1-4+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.3+dfsg.1-4+deb9u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.15+dfsg.1-1~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.16+dfsg.1-1~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.10+dfsg.1-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.10+dfsg.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.10+dfsg.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

roundcube (11 bugs: 0, 4, 7, 0)
roundcube-core (1 bugs: 0, 0, 1, 0)
roundcube-mysql
roundcube-pgsql
roundcube-plugins
roundcube-sqlite3

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-04-07 Last update: 2021-01-16 05:34

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-01-26 06:32

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.4.10+dfsg.2-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 8ef9064f3f8d110d94edbed23c18f03e2749566d
Author: Sandro Knauß <hefee@debian.org>
Date:   Sat Jan 23 01:55:26 2021 +0100

    Remove retry-to-reach-imap-server.patch (Closes: #960302).

Created: 2021-01-23 Last update: 2021-01-23 07:06

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2018-19205: Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
CVE-2019-10740: In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix them.

Created: 2018-11-12 Last update: 2021-01-16 05:34

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-04-07 Last update: 2021-01-16 05:34

1 ignored security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue skipped by the security teams:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-07-07 Last update: 2021-01-16 05:34

news

[2021-01-26] roundcube 1.4.10+dfsg.2-1 MIGRATED to testing (Debian testing watch)
[2021-01-15] Accepted roundcube 1.4.10+dfsg.2-1 (source) into unstable (Guilhem Moulin)
[2020-12-30] Accepted roundcube 1.4.10+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-12-30] roundcube 1.4.10+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-12-29] Accepted roundcube 1.3.16+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-12-28] Accepted roundcube 1.3.16+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-12-28] Accepted roundcube 1.2.3+dfsg.1-4+deb9u8 (source) into oldstable (Guilhem Moulin)
[2020-12-28] Accepted roundcube 1.4.10+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-10-07] Accepted roundcube 1.4.9+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-10-07] roundcube 1.4.9+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-10-01] Accepted roundcube 1.4.9+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-08-14] Accepted roundcube 1.4.8+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-08-14] roundcube 1.4.8+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-08-12] Accepted roundcube 1.3.15+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-08-12] Accepted roundcube 1.3.15+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-08-11] Accepted roundcube 1.2.3+dfsg.1-4+deb9u7 (source) into oldstable (Guilhem Moulin) (signed by: Roberto C. Sanchez)
[2020-08-11] Accepted roundcube 1.4.8+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-08-03] Accepted roundcube 1.4.7+dfsg.2-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-08-03] roundcube 1.4.7+dfsg.2-1 MIGRATED to testing (Debian testing watch)
[2020-07-24] Accepted roundcube 1.4.7+dfsg.2-1 (source) into unstable (Guilhem Moulin)
[2020-07-09] Accepted roundcube 1.2.3+dfsg.1-4+deb9u6 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.3.14+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.4.7+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.3.14+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] roundcube 1.4.7+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-07-05] Accepted roundcube 1.4.7+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-07-04] Accepted roundcube 1.4.6+dfsg.1-3 (source) into unstable (Guilhem Moulin)
[2020-06-23] Accepted roundcube 1.4.6+dfsg.1-2~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-06-23] roundcube 1.4.6+dfsg.1-2 MIGRATED to testing (Debian testing watch)
[2020-06-18] Accepted roundcube 1.4.6+dfsg.1-2 (source) into unstable (Guilhem Moulin)

1
2

bugs [bug history graph]

all: 14 15
RC: 0
I&N: 5
M&W: 8
F&P: 1 2
patch: 1

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (98, -)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.10+dfsg.1-1
67 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing