[Pkg-roundcube-maintainers] Bug#847287: Bug#847287: roundcube: Roundcube 1.2.2: Remote command execution via malicious email composing
Guilhem Moulin
guilhem at guilhem.org
Tue Dec 6 23:30:42 UTC 2016
Hi,
On Tue, 06 Dec 2016 at 23:05:59 +0000, Juan Rossi wrote:
> Version: 1.1.4+dfsg.1-1~bpo8+1
> […]
> So probably it is important to update to upstream version 1.2.3
Unfortunately 1.2.x has many dependencies that aren't in
jessie-backports yet. I personally don't have the time nor energy to
maintain said dependencies, so we asked backports folks for an exception
to stick to 1.1.x for the bpo version, exception which was rejected.
I'm afraid the remaining alternative is to take remove the package from
jessie-backports :-(
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-roundcube-maintainers/attachments/20161207/90d23a57/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list