[Pkg-roundcube-maintainers] CVE-2023-47272/roundcube: {bullseye, bookworm}-security uploads
Sébastien Delafond
seb at debian.org
Thu Nov 30 06:46:28 GMT 2023
On Tue, Nov 28 2023, Guilhem Moulin wrote:
> I'd like to propose the attach debdiffs to fix CVE-2023-47272/roundcube.
>
> Bullseye and Bookworm have respectively been following upstream's LTS
> (1.4) and stable (1.6) branch. Upstream has not released 1.4.16 yet so
> I backported the fix from the release-1.4 branch for Bullseye. However
> for Bookworm I imported new bugfix/security upstream release 1.6.5 like
> for previous security fixes.
>
> Both 1.4.15+dfsg.1-1~deb11u2 and 1.6.5+dfsg-1~deb12u1 have been tested.
> (Also upstream's new unit tests are run at build time.)
Hi Guilhem,
thanks for the debdiffs, I'll review them shortly.
Cheers,
--
Seb
More information about the Pkg-roundcube-maintainers
mailing list