[Pkg-roundcube-maintainers] Bug#857473: Bug#857473: roundcube: XSS issue in handling of a style tag inside of an svg element
Vincent Bernat
bernat at debian.org
Tue Mar 14 06:40:34 UTC 2017
❦ 14 mars 2017 04:16 +0100, Guilhem Moulin <guilhem at guilhem.org> :
>> 1.2.4 roundcube release fixed a XSS issue in handling of a style tag
>> inside of an svg element.
>
> Thanks for the ping and the pointers! I applied the fix to 1.2.3
> (unstable) and 1.1.5 (jessie-backports).
>
> Could someone else in the team upload the two source packages? I don't
> have upload privileges :-P (Also I didn't tag the releases.)
Both of them uploaded.
--
Program defensively.
- The Elements of Programming Style (Kernighan & Plauger)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-roundcube-maintainers/attachments/20170314/8752c63e/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list