[Pkg-roundcube-maintainers] Security issues in roundcube 1.2.3+dfsg.1-4+deb9u4 and 1.3.11+dfsg.1-1~deb10u1
Sébastien Delafond
seb at debian.org
Tue Jun 9 13:45:26 BST 2020
On 09/06 14:31, Guilhem Moulin wrote:
> Ooops my bad, I originally thought it wasn't affected; tweaked the
> upstream patch once I noticed it actually was, but of course I forgot
> to update the changelog :-P
No worries at all.
> Done with the attached debdiffs. Note that meanwhile upstream has
> released 1.3.13 which is what I just uploaded in the interest of
> following the 1.3.x branch. I assume it's not controversial since it
> only differs with a one-liner in installer/test.php (“regression in
> SMTP test section”) which we don't use. Lemme know if you'd prefer we
> stick to 1.3.12 for the time being :-)
No, that's perfectly fine. I'll take care of the DSA either later today,
or more realistically tomorrow.
Cheers,
--
Seb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-roundcube-maintainers/attachments/20200609/3104c2a5/attachment-0001.sig>
More information about the Pkg-roundcube-maintainers
mailing list