Debian Package Tracker
Register | Log in
Subscribe

roundcube

skinnable AJAX based webmail solution for IMAP servers - metapackage

Choose email to subscribe with

general
  • source: roundcube (main)
  • version: 1.6.3+dfsg-1
  • maintainer: Debian Roundcube Maintainers (archive) (DMD)
  • uploaders: Guilhem Moulin [DMD] – Sandro Knauß [DMD] – Vincent Bernat [DMD]
  • arch: all
  • std-ver: 4.6.2
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.3.17+dfsg.1-1~deb10u2
  • o-o-sec: 1.3.17+dfsg.1-1~deb10u3
  • o-o-bpo: 1.4.13+dfsg.1-1~deb11u1~bpo10+1
  • oldstable: 1.4.13+dfsg.1-1~deb11u1
  • old-sec: 1.4.13+dfsg.1-1~deb11u1
  • stable: 1.6.1+dfsg-1
  • testing: 1.6.3+dfsg-1
  • unstable: 1.6.3+dfsg-1
versioned links
  • 1.3.17+dfsg.1-1~deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.3.17+dfsg.1-1~deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.4.13+dfsg.1-1~deb11u1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.4.13+dfsg.1-1~deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.6.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.6.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • roundcube
  • roundcube-core (8 bugs: 0, 4, 4, 0)
  • roundcube-mysql
  • roundcube-pgsql
  • roundcube-plugins
  • roundcube-sqlite3
action needed
source package has 1 unsatisfiable build dependency high
  • Build dependencies in unstable cannot be satisfied on amd64 because: unsatisfied dependency on node-minimatch (>= 9)
Created: 2023-09-26 Last update: 2023-09-27 03:02
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 2e34b0a9ccfc3b44d7ea14242c3faab11729e8e5
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Fri Sep 22 12:49:02 2023 +0300

    d/changelog: Retroactively mention CVE-2023-43770 for 1.6.3+dfsg-1.
Created: 2023-09-26 Last update: 2023-09-26 17:00
2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2023-43770: (needs triaging) Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.

You can find information about how to handle this issue in the security team's documentation.

1 ignored issue:
  • CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.
Created: 2022-07-04 Last update: 2023-09-23 06:58
1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:
  • CVE-2023-43770: (needs triaging) Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-09-19 Last update: 2023-09-23 06:58
debian/patches: 3 patches to forward upstream low

Among the 18 debian patches available in version 1.6.3+dfsg-1 of the package, we noticed the following issues:

  • 3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2023-09-19 00:28
news
[rss feed]
  • [2023-09-22] Accepted roundcube 1.3.17+dfsg.1-1~deb10u3 (source) into oldoldstable (Guilhem Moulin)
  • [2023-09-20] roundcube 1.6.3+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2023-09-18] Accepted roundcube 1.6.3+dfsg-1 (source) into unstable (Guilhem Moulin)
  • [2023-07-04] roundcube 1.6.2+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2023-07-02] Accepted roundcube 1.6.2+dfsg-1 (source) into unstable (Guilhem Moulin)
  • [2023-01-27] roundcube 1.6.1+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2023-01-24] Accepted roundcube 1.6.1+dfsg-1 (source) into unstable (Guilhem Moulin)
  • [2022-12-24] roundcube 1.6.0+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2022-12-20] Accepted roundcube 1.6.0+dfsg-2 (source) into unstable (Guilhem Moulin)
  • [2022-10-18] roundcube 1.6.0+dfsg-1.1 MIGRATED to testing (Debian testing watch)
  • [2022-10-15] Accepted roundcube 1.6.0+dfsg-1.1 (source) into unstable (Michael Biebl)
  • [2022-07-31] roundcube 1.6.0+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2022-07-29] Accepted roundcube 1.6.0+dfsg-1 (source) into unstable (Guilhem Moulin)
  • [2022-06-29] Accepted roundcube 1.6~rc+dfsg-2 (source) into experimental (Guilhem Moulin)
  • [2022-06-12] Accepted roundcube 1.6~rc+dfsg-1 (source) into experimental (Guilhem Moulin)
  • [2022-05-11] Accepted roundcube 1.6~beta+dfsg-2 (source) into experimental (Guilhem Moulin)
  • [2022-03-14] Accepted roundcube 1.6~beta+dfsg-1 (source) into experimental (Guilhem Moulin)
  • [2022-02-08] roundcube REMOVED from testing (Debian testing watch)
  • [2022-01-12] Accepted roundcube 1.2.3+dfsg.1-4+deb9u10 (source) into oldoldstable (Guilhem Moulin)
  • [2022-01-11] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2022-01-08] Accepted roundcube 1.3.17+dfsg.1-1~deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2022-01-08] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2022-01-08] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2022-01-08] Accepted roundcube 1.3.17+dfsg.1-1~deb10u2 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2021-12-15] Accepted roundcube 1.4.12+dfsg.1-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2021-12-07] roundcube 1.5.1+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2021-12-06] Accepted roundcube 1.2.3+dfsg.1-4+deb9u9 (source) into oldoldstable (Markus Koschany)
  • [2021-12-04] Accepted roundcube 1.5.1+dfsg-1 (source) into unstable (Guilhem Moulin)
  • [2021-11-29] Accepted roundcube 1.3.17+dfsg.1-1~deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
  • [2021-11-29] Accepted roundcube 1.4.12+dfsg.1-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
  • 1
  • 2
bugs [bug history graph]
  • all: 10
  • RC: 0
  • I&N: 5
  • M&W: 5
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, debcheck
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (99, -)
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.6.2+dfsg-1
  • 76 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing