roundcube - Debian Package Tracker

general

source: roundcube (main)
version: 1.6.0+dfsg-1.1
maintainer: Debian Roundcube Maintainers (archive) (DMD)
uploaders: Guilhem Moulin [DMD] – Sandro Knauß [DMD] – Vincent Bernat [DMD]
arch: all
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.2.3+dfsg.1-4+deb9u6
o-o-sec: 1.2.3+dfsg.1-4+deb9u10
oldstable: 1.3.17+dfsg.1-1~deb10u2
old-sec: 1.3.17+dfsg.1-1~deb10u2
old-bpo: 1.4.13+dfsg.1-1~deb11u1~bpo10+1
stable: 1.4.13+dfsg.1-1~deb11u1
stable-sec: 1.4.13+dfsg.1-1~deb11u1
testing: 1.6.0+dfsg-1.1
unstable: 1.6.0+dfsg-1.1

versioned links

1.2.3+dfsg.1-4+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.3+dfsg.1-4+deb9u10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.17+dfsg.1-1~deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.13+dfsg.1-1~deb11u1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.13+dfsg.1-1~deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.0+dfsg-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

roundcube
roundcube-core (8 bugs: 0, 4, 4, 0)
roundcube-mysql
roundcube-pgsql
roundcube-plugins
roundcube-sqlite3

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:07:11
Last run: 2022-11-27T10:32:08.000Z
Previous status: pass

testing: fail (log)
The tests ran in 0:06:50
Last run: 2022-12-02T07:20:20.000Z
Previous status: fail

stable: neutral (log)
The tests ran in 0:00:50
Last run: 2022-11-23T02:24:34.000Z
Previous status: neutral

Created: 2022-11-11 Last update: 2022-12-05 20:34

Marked for autoremoval on 31 December due to symfony: #1024308 high

Version 1.6.0+dfsg-1.1 of roundcube is marked for autoremoval from testing on Sat 31 Dec 2022. It depends (transitively) on symfony, affected by #1024308. You should try to prevent the removal by fixing these RC bugs.

Created: 2022-11-24 Last update: 2022-12-05 20:30

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2021-46144: Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.

Created: 2022-07-04 Last update: 2022-10-17 18:30

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2021-46144: Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.

Created: 2022-07-31 Last update: 2022-10-17 18:30

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-10-17 Last update: 2022-12-05 14:48

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.6.0+dfsg-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 2ae98ca7127714b3eb33daae3493317452f435d8
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Fri Oct 21 00:54:21 2022 +0200

    Update changelog for 1.6.0+dfsg-2 release

commit 0aeff7f97ff0c1731184e7b947ad61a72b5071f3
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Fri Oct 21 01:03:03 2022 +0200

    Acknowledge Michael Biebl's NMU.
    
    See https://lists.debian.org/msgid-search/d7dc196f-ea10-9ac0-9d04-115d31561adc@debian.org .

commit 7f82db36bc86a17ea71eaf4cf5296eb507f63fdd
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Sat Oct 15 17:22:33 2022 +0200

    d/control: Build-Depends: Drop versioned constraint on uglifyjs.
    
    Unnecessary since buster (oldstable).

commit 8d09f2d76be217867afbf7f6361fc0a86d15a8cc
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Tue Aug 16 20:01:16 2022 +0200

    Salsa CI: Include recipes/debian.yml.
    
    Not its dependencies.  Per recommendation from the Salsa CI maintainers:
    https://salsa.debian.org/salsa-ci-team/pipeline#basic-use .

commit 4eaff673cad34eff0c29a85df059bfc51e288443
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Sat Aug 6 13:06:33 2022 +0200

    Salsa CI: Install suitable RDBMS before running piuparts.
    
    This is a workaround for https://bugs.debian.org/1015732 .

commit f5c682284af726a921376e77736785b281bf23fb
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Fri Jul 29 22:43:17 2022 +0200

    Salsa CI: Restore piuparts job.
    
    With 1.6 in unstable there is currently no schema upgrade between the
    version in unstable and the version to be uploaded, so piupart isn't
    bound to fail anymore.
    
    This (partially) reverts commit 1cf4b01e08a3573276a7162c4bb589fb3c73956d.

Created: 2022-08-06 Last update: 2022-11-28 02:37

lintian reports 7 warnings normal

Lintian reports 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2022-07-30 12:16

No known security issue in bullseye wishlist

There is 1 open security issue in bullseye.

1 ignored issue:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Created: 2022-07-04 Last update: 2022-10-17 18:30

news

[rss feed]

[2022-10-18] roundcube 1.6.0+dfsg-1.1 MIGRATED to testing (Debian testing watch)
[2022-10-15] Accepted roundcube 1.6.0+dfsg-1.1 (source) into unstable (Michael Biebl)
[2022-07-31] roundcube 1.6.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-07-29] Accepted roundcube 1.6.0+dfsg-1 (source) into unstable (Guilhem Moulin)
[2022-06-29] Accepted roundcube 1.6~rc+dfsg-2 (source) into experimental (Guilhem Moulin)
[2022-06-12] Accepted roundcube 1.6~rc+dfsg-1 (source) into experimental (Guilhem Moulin)
[2022-05-11] Accepted roundcube 1.6~beta+dfsg-2 (source) into experimental (Guilhem Moulin)
[2022-03-14] Accepted roundcube 1.6~beta+dfsg-1 (source) into experimental (Guilhem Moulin)
[2022-02-08] roundcube REMOVED from testing (Debian testing watch)
[2022-01-12] Accepted roundcube 1.2.3+dfsg.1-4+deb9u10 (source) into oldoldstable (Guilhem Moulin)
[2022-01-11] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-01-08] Accepted roundcube 1.3.17+dfsg.1-1~deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-01-08] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-01-08] Accepted roundcube 1.4.13+dfsg.1-1~deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-01-08] Accepted roundcube 1.3.17+dfsg.1-1~deb10u2 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-12-15] Accepted roundcube 1.4.12+dfsg.1-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-12-07] roundcube 1.5.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-12-06] Accepted roundcube 1.2.3+dfsg.1-4+deb9u9 (source) into oldoldstable (Markus Koschany)
[2021-12-04] Accepted roundcube 1.5.1+dfsg-1 (source) into unstable (Guilhem Moulin)
[2021-11-29] Accepted roundcube 1.3.17+dfsg.1-1~deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-11-29] Accepted roundcube 1.4.12+dfsg.1-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-11-27] Accepted roundcube 1.3.17+dfsg.1-1~deb10u1 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-11-27] Accepted roundcube 1.4.12+dfsg.1-1~deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Guilhem Moulin)
[2021-11-03] roundcube 1.5.0+dfsg.1-2 MIGRATED to testing (Debian testing watch)
[2021-10-23] Accepted roundcube 1.5.0+dfsg.1-2 (source) into unstable (Guilhem Moulin)
[2021-10-23] Accepted roundcube 1.5.0+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2021-10-16] Accepted roundcube 1.5~rc+dfsg.1-3 (source) into experimental (Guilhem Moulin)
[2021-10-08] Accepted roundcube 1.5~rc+dfsg.1-2 (source) into experimental (Guilhem Moulin)
[2021-07-06] Accepted roundcube 1.5~rc+dfsg.1-1 (source) into experimental (Guilhem Moulin)
[2021-05-29] Accepted roundcube 1.5~beta+dfsg.1-4 (source) into experimental (Guilhem Moulin)

bugs [bug history graph]

all: 8
RC: 0
I&N: 4
M&W: 4
F&P: 0
patch: 0

links

homepage
lintian (0, 7)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (98, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.6.0+dfsg-1.1
74 bugs