Register | Log in

roundcube

skinnable AJAX based webmail solution for IMAP servers - metapackage

Choose email to subscribe with

general

source: roundcube (main)
version: 1.4.7+dfsg.2-1
maintainer: Debian Roundcube Maintainers (archive) (DMD)
uploaders: Vincent Bernat [DMD] – Guilhem Moulin [DMD] – Sandro Knauß [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.2.3+dfsg.1-4+deb9u6
old-sec: 1.2.3+dfsg.1-4+deb9u5
stable: 1.3.14+dfsg.1-1~deb10u1
stable-sec: 1.3.14+dfsg.1-1~deb10u1
stable-bpo: 1.4.7+dfsg.2-1~bpo10+1
testing: 1.4.7+dfsg.2-1
unstable: 1.4.7+dfsg.2-1

versioned links

1.2.3+dfsg.1-4+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.3+dfsg.1-4+deb9u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.14+dfsg.1-1~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.7+dfsg.2-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.7+dfsg.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

roundcube (13 bugs: 0, 7, 6, 0)
roundcube-core (2 bugs: 0, 1, 1, 0)
roundcube-mysql
roundcube-pgsql
roundcube-plugins
roundcube-sqlite3

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-04-07 Last update: 2020-08-07 06:08

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-07-07 Last update: 2020-08-07 06:08

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-06-28 Last update: 2020-08-07 19:32

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2018-19205: Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
CVE-2019-10740: In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix them.

Created: 2018-11-12 Last update: 2020-08-07 06:08

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-15237: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.

Please fix it.

Created: 2019-04-07 Last update: 2020-08-07 06:08

news

[2020-08-03] Accepted roundcube 1.4.7+dfsg.2-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-08-03] roundcube 1.4.7+dfsg.2-1 MIGRATED to testing (Debian testing watch)
[2020-07-24] Accepted roundcube 1.4.7+dfsg.2-1 (source) into unstable (Guilhem Moulin)
[2020-07-09] Accepted roundcube 1.2.3+dfsg.1-4+deb9u6 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.3.14+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.4.7+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-07-08] Accepted roundcube 1.3.14+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-07-08] roundcube 1.4.7+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-07-05] Accepted roundcube 1.4.7+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-07-04] Accepted roundcube 1.4.6+dfsg.1-3 (source) into unstable (Guilhem Moulin)
[2020-06-23] Accepted roundcube 1.4.6+dfsg.1-2~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-06-23] roundcube 1.4.6+dfsg.1-2 MIGRATED to testing (Debian testing watch)
[2020-06-18] Accepted roundcube 1.4.6+dfsg.1-2 (source) into unstable (Guilhem Moulin)
[2020-06-18] Accepted roundcube 1.4.6+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-06-18] roundcube 1.4.6+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-06-12] Accepted roundcube 1.2.3+dfsg.1-4+deb9u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-06-12] Accepted roundcube 1.3.13+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-06-11] Accepted roundcube 1.2.3+dfsg.1-4+deb9u5 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-06-11] Accepted roundcube 1.3.13+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-06-07] Accepted roundcube 1.4.6+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-06-06] Accepted roundcube 1.4.5+dfsg.1-2 (source) into unstable (Guilhem Moulin)
[2020-06-06] Accepted roundcube 1.4.5+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-06-06] roundcube 1.4.5+dfsg.1-1 MIGRATED to testing (Debian testing watch)
[2020-06-03] Accepted roundcube 1.4.5+dfsg.1-1 (source) into unstable (Guilhem Moulin)
[2020-05-09] Accepted roundcube 1.2.3+dfsg.1-4+deb9u4 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-05-09] Accepted roundcube 1.3.11+dfsg.1-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-05-05] Accepted roundcube 1.3.11+dfsg.1-1~deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-05-05] Accepted roundcube 1.2.3+dfsg.1-4+deb9u4 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Guilhem Moulin)
[2020-05-02] Accepted roundcube 1.4.4+dfsg.1-1~bpo10+1 (source) into buster-backports (Guilhem Moulin)
[2020-05-02] roundcube 1.4.4+dfsg.1-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 16
RC: 0
I&N: 9
M&W: 7
F&P: 0
patch: 1

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots
l10n (98, -)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.7+dfsg.2-1
63 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing