[Pkg-roundcube-maintainers] Bug#536498: Please backport roundcube CVE-2008-5619
Vincent Bernat
bernat at debian.org
Sat Jul 11 10:17:35 UTC 2009
OoO Vers la fin de l'après-midi du vendredi 10 juillet 2009, vers 16:21,
Benjamin Bannier <benni at netronaut.de> disait :
> I have roundcube 0.1.1.10 installed from backports, and I see people
> exploiting roundcube CVE-2008-5619
> (http://trac.roundcube.net/ticket/1485618).
> Any chances the fix mentioned there could be backported to etch?
Ubuntu has a patch for this version, so we should be able to provide a
backport for Etch:
https://bugs.launchpad.net/ubuntu/+source/roundcube/+bug/316550
However, the backport is really old and a lot of bugs have been fixed
since then. Unfortunately, a more recent roundcube version would require
to backport a lot of dependencies for PHP.
Romain, would you like to apply the mentioned patch to the backport?
--
L'avantage du fromage sur les amricains,
c'est qu'il y a une culture dedans.
-+- MZ in: Guide du Cabaliste Usenet - chapitre 9 - le gros 8 -+-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-roundcube-maintainers/attachments/20090711/d2549778/attachment.pgp>
More information about the Pkg-roundcube-maintainers
mailing list