[Pkg-roundcube-maintainers] Processed: reassign 1056702 to src:roundcube, forcibly merging 1055421 1056702

Debian Bug Tracking System owner at bugs.debian.org
Sat Nov 25 01:54:06 GMT 2023


Processing commands for control at bugs.debian.org:

> reassign 1056702 src:roundcube
Bug #1056702 [roundcube] roundcube: Cross-site scripting (XSS) vulnerability
Bug reassigned from package 'roundcube' to 'src:roundcube'.
Ignoring request to alter found versions of bug #1056702 to the same values previously set
Ignoring request to alter fixed versions of bug #1056702 to the same values previously set
> forcemerge 1055421 1056702
Bug #1055421 {Done: Guilhem Moulin <guilhem at debian.org>} [src:roundcube] roundcube: CVE-2023-47272: cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download
Bug #1056702 [src:roundcube] roundcube: Cross-site scripting (XSS) vulnerability
Marked Bug as done
Marked as fixed in versions roundcube/1.6.5+dfsg-1.
Marked as found in versions roundcube/1.6.4+dfsg-1, roundcube/1.6.4+dfsg-1~deb12u1, and roundcube/1.4.15+dfsg.1-1~deb11u1.
Added tag(s) upstream and security.
Merged 1055421 1056702
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1055421: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055421
1056702: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056702
Debian Bug Tracking System
Contact owner at bugs.debian.org with problems



More information about the Pkg-roundcube-maintainers mailing list