[Pkg-roundcube-maintainers] roundcube_1.6.12+dfsg-0+deb13u1_source.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Dec 20 11:33:56 GMT 2025
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 14 Dec 2025 11:51:43 +0100
Source: roundcube
Architecture: source
Version: 1.6.12+dfsg-0+deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers at alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guilhem at debian.org>
Closes: 1122899
Changes:
roundcube (1.6.12+dfsg-0+deb13u1) trixie-security; urgency=high
.
* New upstream security and bugfix release (closes: #1122899).
+ Fix CVE-2025-68461: Cross-Site-Scripting vulnerability via SVG's animate
tag.
+ Fix CVE-2025-68460: Information Disclosure vulnerability in the HTML
style sanitizer.
* Refresh d/patches.
* d/gbp.conf: Set debian-branch=debian/trixie.
* Salsa CI: Set RELEASE=trixie, disable reprotest and lintian jobs.
Checksums-Sha1:
962d6cb43f1c85fbeec88b303ac8cf35eee7209a 3860 roundcube_1.6.12+dfsg-0+deb13u1.dsc
b6102dd4c719acb400298aa6e1d8627ff194597f 126900 roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz
70ab9651d5bf0cc002731e762ed811b1c9b96211 1928404 roundcube_1.6.12+dfsg.orig-tinymce.tar.xz
003ff398e115137a54217df58bde53f42ef4479b 2791204 roundcube_1.6.12+dfsg.orig.tar.xz
671611d82b09f579d5d44c550707135901a75e7d 153696 roundcube_1.6.12+dfsg-0+deb13u1.debian.tar.xz
30e59687139d87ffca0fde0c1c388b3561200223 6280 roundcube_1.6.12+dfsg-0+deb13u1_source.buildinfo
Checksums-Sha256:
02670576c9a9e0603e399da567efb7530855d11fbc899b23c2f08bcf9b8099fb 3860 roundcube_1.6.12+dfsg-0+deb13u1.dsc
488276066b6044d9aa7fed66559bed399cbcb9fac6a4d2ea63e0a7858ca9c46e 126900 roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz
9c9a759800812e9e658760c382707f04dab5f9d047bd77e693693e8a840eab7d 1928404 roundcube_1.6.12+dfsg.orig-tinymce.tar.xz
6ca741ee8b98f643b2038ac5415daa5836013d92c874b0bfcf81efa2f3229ca4 2791204 roundcube_1.6.12+dfsg.orig.tar.xz
8b80553ca84af38a40f79ed7bab52d94ded9ac4fc81414e8e871c06cd7f53a24 153696 roundcube_1.6.12+dfsg-0+deb13u1.debian.tar.xz
3ae02f6170728232661aef4c9b90ab7b63c2860190e688b63926265e2c90ed56 6280 roundcube_1.6.12+dfsg-0+deb13u1_source.buildinfo
Files:
24cac6cc1a548fc087fb7a5459ec20f5 3860 web optional roundcube_1.6.12+dfsg-0+deb13u1.dsc
66af8f1d0cbfa3b7e16e7d9350a964c5 126900 web optional roundcube_1.6.12+dfsg.orig-tinymce-langs.tar.xz
50a2e20e6d8ec1abda11aa7d575e1f95 1928404 web optional roundcube_1.6.12+dfsg.orig-tinymce.tar.xz
8b305f7c4db83506df9deec4705866dd 2791204 web optional roundcube_1.6.12+dfsg.orig.tar.xz
92383ae09b109d8e88c33e701319747d 153696 web optional roundcube_1.6.12+dfsg-0+deb13u1.debian.tar.xz
0767ff9744bb094738d10b37c43fc624 6280 web optional roundcube_1.6.12+dfsg-0+deb13u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmlD6WYACgkQ05pJnDwh
pVJ/zhAAq/JIXvvUIA5LAeyrvep/KNdJO//6rA0pQCCdcyHAmeqNxQVD+ALbzVyT
bqZUv4XcdGhyZ190dg26bwCTGnZ8GQ9rYVWgBpy13PbZK8PEFIyt4LyzUH9/tDgC
3eiDwZ0e0IJV42ImhMkKmTMo+VZKJXf485K61/ekEyYCARAyjvQ4Ql8jXvjfa6tg
bC06HcZgV8jcWiRqFsdubktiHBwJfaVu0SP770O0T46pBvJcHbpaniEad3uyTUQr
pgpU8d489gnXP8rC5lZ5y8WonjW2hV7Ai1rIkHyg/KShXEv7mO++vaKx7ASwzJbQ
zU2XLXqe7Vb3l6On06MkD70ARl17mzfXFcsg08+tG37POPot5F1zFnc3RaOBrmlu
dCX7uBCf6ePxF2hOvFaUx+UJFRR0VNsIrhbxmQEjbmyde0g7RRB0Op2VBcP1CCIg
dLRXgjnbP6pcpx3qgR1dNCVEVnGZzLJ65tcbROUg6P5/4+0ANy+ymY3b7ERZ9pQA
a8Wbhug/q1SvrfHOWP6qMYwG0yVMfL0i2ajIzJx5ObuhIZJICsoP2f3nbV25uqmV
fKFlSH8slD/fyMN6B09MRNPo+Q0Y5A3H8ZdCm2kAPJghsHuuprBlTDj/+PlKSK8k
xfQ7cnPLvFwZg4FEJ3cuMkJOkVCDT1FeGm6MPPiYe1EEnHRD7wA=
=iOtA
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-roundcube-maintainers/attachments/20251220/bd4115a7/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list