[Pkg-roundcube-maintainers] roundcube_1.6.5+dfsg-1+deb12u7_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Feb 17 09:05:02 GMT 2026
Thank you for your contribution to Debian.
Mapping oldstable-security to oldstable-proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Feb 2026 12:05:21 +0100
Source: roundcube
Architecture: source
Version: 1.6.5+dfsg-1+deb12u7
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers at alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guilhem at debian.org>
Closes: 1127447
Changes:
roundcube (1.6.5+dfsg-1+deb12u7) bookworm-security; urgency=high
.
* Cherry pick upstream security fixes from v1.6.13 (closes: #1127447):
+ Fix CVE-2026-26079: CSS injection vulnerability.
+ Fix CVE-2026-25916: Remote image blocking bypass via SVG content.
+ Improve fix for CVE-2025-68460.
Checksums-Sha1:
baf1670e056c25f13622e99a25835baccaa048d9 3833 roundcube_1.6.5+dfsg-1+deb12u7.dsc
a0a8ee6c2cad60548600727e5af42a7ae48267b3 124820 roundcube_1.6.5+dfsg-1+deb12u7.debian.tar.xz
d8c5cdcbb82ca87dcbeb83992f27d1f3cc30ea98 6214 roundcube_1.6.5+dfsg-1+deb12u7_source.buildinfo
Checksums-Sha256:
1092689c9ab26784d1123819a3522c8ab7338c8fefd96d832c87ebb5ebd8303a 3833 roundcube_1.6.5+dfsg-1+deb12u7.dsc
30ec1f0408284f528bdf95ce23285fc4ee8b4be1a361a805d380b031a0d13927 124820 roundcube_1.6.5+dfsg-1+deb12u7.debian.tar.xz
a47e109b2da438095358f5f8e4dec02984ea3955f9eab1157d3515cd483a3f69 6214 roundcube_1.6.5+dfsg-1+deb12u7_source.buildinfo
Files:
a0df41a9ee1036846f23ea18854977a4 3833 web optional roundcube_1.6.5+dfsg-1+deb12u7.dsc
ebd6ffc05d7802c3e333baa24728be47 124820 web optional roundcube_1.6.5+dfsg-1+deb12u7.debian.tar.xz
15c0a916f2381938215a949d5548f42f 6214 web optional roundcube_1.6.5+dfsg-1+deb12u7_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmmPCrQACgkQ05pJnDwh
pVKwBg/8CGw1xBtRPF1cHtf4INqEV9PCrMtXyRNHazPXdp5M7ingxcWPikGYiSK3
xHmp83J7P/6Zals5g/w6PYuDwt6xw62jGKiQBjTO8PSPUVfhrN9pY4CQYoZ1hAkf
RvUx3DZe0YLzKgf2cOk/Bva4g4Vm4gMf4kT1WIoCwEcMuf/EEjOy5nxOSc8sOpzH
fDG57Ps5Aex5GR2RjRYqwXXZL9HrLlhSBiEnue9tKsd21A/G9IpVjcG7b7WS+uFJ
xfHRKCwzEK099Jfperh7S06pzC0EJk26GApfqCWNvLTrVo7CRym2ENeBVN0hNxL6
d4OG15rmBsKfqAVJcGO5wPaxqhISFXAFX0STYJOjQ7gMVwOdV+jcfPizVbzeI+5s
PQ8SfHd9A5N1+14AyKUWdMjolwNGrK5GkMbCZBhZUUM7LybRdGpr8ptlG0kDfvgp
XVXzpQeN55iSt5p1TzXfts3cA/4lTvyal+5wGQwuqpYld/eTgEGgjDa42m/xrbfW
uYF1Hv1oVDo+UC/zuXFvHBI67m6qBORuPfAP8dvIAwn/aeaDMv+ucFfHuWA9a6kP
pjBDs6PXSBRa3BpCe8VdSV6okCOhpMhbF48fQzC7BjVJfWTnyfa7qT6La0ukNRmj
HbFpHYZ+INyEoSYork5xD8wWlDip3cK6XV6uiK96Ik49//3UCq0=
=8GAW
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-roundcube-maintainers/attachments/20260217/a5020011/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list