[Pkg-roundcube-maintainers] Bug#1127447: roundcube: CSS injection vulnerability and remote image blocking bypass
Guilhem Moulin
guilhem at debian.org
Fri Feb 13 11:33:14 GMT 2026
Hi,
On Fri, 13 Feb 2026 at 11:10:14 +0100, Sébastien Delafond wrote:
> On Wed, Feb 11 2026, Salvatore Bonaccorso wrote:
>> We will have a look at your proposed update and come back to you.
>
> thanks for providing those two updates, they both look fine to me:
> please upload to security-master.
Thanks for reviewing! Uploaded both to security-master now. dput-ng
reminded me that I incorrectly targeted bookworm instead of bookworm-
security, which is now fixed (along with wording improvements in
d/changelog). So the uploaded 1.6.5+dfsg-1+deb12u7 isn't byte-for-byte
what I submitted earlier as debdiff, sorry for that. Only d/changelog
was changed though, the rest remains the same.
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-roundcube-maintainers/attachments/20260213/07fda857/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list