[Pkg-roundcube-maintainers] roundcube_1.2.3+dfsg.1-4+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Apr 28 07:04:52 BST 2018
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 21 Apr 2018 01:51:56 +0200
Source: roundcube
Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql roundcube-sqlite3 roundcube-plugins
Architecture: source all
Version: 1.2.3+dfsg.1-4+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers at lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem at debian.org>
Description:
roundcube - skinnable AJAX based webmail solution for IMAP servers - metapack
roundcube-core - skinnable AJAX based webmail solution for IMAP servers
roundcube-mysql - metapackage providing MySQL dependencies for RoundCube
roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube
roundcube-plugins - skinnable AJAX based webmail solution for IMAP servers - plugins
roundcube-sqlite3 - metapackage providing SQLite dependencies for RoundCube
Closes: 895184
Changes:
roundcube (1.2.3+dfsg.1-4+deb9u2) stretch-security; urgency=high
.
* Backport fix for CVE-2018-9846: When the archive plugin enabled and
configured, it's possible to exploit the unsanitized, user-controlled
"_uid" parameter to perform an MX (IMAP) injection attack.
https://github.com/roundcube/roundcubemail/issues/6238
(Closes: #895184).
* Backport fix for CVE-2018-1000071: Insecure Permissions vulnerability in
enigma plugin that can result in exfiltration of gpg private key.
https://github.com/roundcube/roundcubemail/issues/6173
Checksums-Sha1:
6a359e829f19c379e762181ab75c627371bc4c42 2472 roundcube_1.2.3+dfsg.1-4+deb9u2.dsc
df776bd2def41a0ed99bd55f5ec8f0fe73610fec 4445436 roundcube_1.2.3+dfsg.1-4+deb9u2.debian.tar.xz
4d468f1f8efe884df521d169a338141196a43c47 2112714 roundcube-core_1.2.3+dfsg.1-4+deb9u2_all.deb
cf178dbb7f6d83dabacf99718ec2ddade77eb786 71110 roundcube-mysql_1.2.3+dfsg.1-4+deb9u2_all.deb
7aab15d4fd6b8e9a7c0e5d3596ab881e779583e6 71084 roundcube-pgsql_1.2.3+dfsg.1-4+deb9u2_all.deb
443b7997b07f05589b18807fd5daa73be3089694 661412 roundcube-plugins_1.2.3+dfsg.1-4+deb9u2_all.deb
fdaa7773b982bd735bfb60aebec5fdaadbe558b3 71066 roundcube-sqlite3_1.2.3+dfsg.1-4+deb9u2_all.deb
1e3bc631574f54f36097fedef70bdb43d6d68f7c 1380 roundcube_1.2.3+dfsg.1-4+deb9u2_all.deb
615fcce7c02eee2a1663b691eda976375cb49140 9513 roundcube_1.2.3+dfsg.1-4+deb9u2_amd64.buildinfo
Checksums-Sha256:
78d77a87e616607ac6adeb0c0e8994d50fdd1373d7dd36913d871247f7092814 2472 roundcube_1.2.3+dfsg.1-4+deb9u2.dsc
85746595e5f4da97b08901816975bfd519995cceab206ba2436d00eddf562329 4445436 roundcube_1.2.3+dfsg.1-4+deb9u2.debian.tar.xz
102c099eaed4147568d574175052805e54ecf46d6db2f37553a7e66e878fb0c8 2112714 roundcube-core_1.2.3+dfsg.1-4+deb9u2_all.deb
2cd413915315cc5169cf42da7d16ef32a2a706700578b32eb97172b4b459d6a5 71110 roundcube-mysql_1.2.3+dfsg.1-4+deb9u2_all.deb
8ff0d988bd52537c39ab9879bab24910e2ba0efed3dc1fbf5e1c74d5a1a6b5ed 71084 roundcube-pgsql_1.2.3+dfsg.1-4+deb9u2_all.deb
ddb9b1543847246118b5686cfded13f2564d5e022ab3ca4c478c33d7a354b070 661412 roundcube-plugins_1.2.3+dfsg.1-4+deb9u2_all.deb
213c03d7c6c9a1adef3f7683b50868f0461a77ed2a99833c80bc998b2899dda8 71066 roundcube-sqlite3_1.2.3+dfsg.1-4+deb9u2_all.deb
38228583be070eb7d7bb5b4b43d62bac42b3a3df4649532ac7d3646abd6e9594 1380 roundcube_1.2.3+dfsg.1-4+deb9u2_all.deb
19ad44aa0dbfc429114aa380dbb4a04b9a8c5d16d83118edf0edfb8161f863fd 9513 roundcube_1.2.3+dfsg.1-4+deb9u2_amd64.buildinfo
Files:
97f929955f2f98ca4e0baad7e6154e54 2472 web extra roundcube_1.2.3+dfsg.1-4+deb9u2.dsc
80cf31a9d2867bf404e2bbe04d979319 4445436 web extra roundcube_1.2.3+dfsg.1-4+deb9u2.debian.tar.xz
de73f437b188f4727c099fdd75602313 2112714 web extra roundcube-core_1.2.3+dfsg.1-4+deb9u2_all.deb
794318b8bdfca315380c518d330bd491 71110 web extra roundcube-mysql_1.2.3+dfsg.1-4+deb9u2_all.deb
8252b10a26065fd702cca874ab567adf 71084 web extra roundcube-pgsql_1.2.3+dfsg.1-4+deb9u2_all.deb
e5c5cebd124c2e39fac8cb78f718377e 661412 web extra roundcube-plugins_1.2.3+dfsg.1-4+deb9u2_all.deb
cad461c3e434946277e0f520651d291a 71066 web extra roundcube-sqlite3_1.2.3+dfsg.1-4+deb9u2_all.deb
33ec5b958c270b46f4b40d38675a59a3 1380 web extra roundcube_1.2.3+dfsg.1-4+deb9u2_all.deb
706cf12e10b0f9a80d3d846b67e4d2ff 9513 web extra roundcube_1.2.3+dfsg.1-4+deb9u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAlrafpEACgkQ05pJnDwh
pVKx4RAAvrkMs6IKtOdJ8+PyE0ZNNOBsYTonwBnNyO3MzTPxBKbssdOHWFPnDz9E
k4XqkmCPazpz6G7D31LGanOuYFsxJVI8CxuZw42hKYYlHTyjRmq0qnwZzKXZ/NmK
/zMzysRfpAbgcX5Q9fgwoq+yy0uVGpd+zogftkDybLkX1GpaGWDeroTSTZovdzlh
WVyPD+im+xy2f1bHHF13aDQEruwAWelNLzfRAoAViuyzAhJ2ohRlBcXiPNBT5pOY
T4nPvFItlZaH/dCUHh3UI13Ro2nYa4ouRVCJVK+ZhLAxUhj5lFkizcDiepQUAPIi
5PcTZUGachTBTy+uEcDuP3b8zmDlKkFoR0Wmt7b5J2YFnZxNr/acOZlpz135YGkb
SHb0mbO0+5zInX876r6bYS1wpry3qZEp7xJAsfia5Q69vhtfQxRFWWY2k/QPlPWX
WotHGzGx79qCNHbrB5d0rtc8Fqz6gx1OoO8JlXdGdjMNsP+Msq3d7hxV0xQFXWTD
Hc6sVmaOizMuWzwJsHW4RsgyF/ridGAEfYx923dhqqPtUC1iniaUTi6WMpYvpf4x
Ffd4WGmjIvI+lVsWHeaHdRt2d+0EdZFPUQMII302z8pDCNDUqw/GzleRKhD+YEdf
V3F5+5S1BUACyO1fScIM+YkSTqYxT3gtTBRJgRLBp7H2YLW3XDc=
=k6Vi
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-roundcube-maintainers
mailing list