[Pkg-roundcube-maintainers] roundcube_1.6.13+dfsg-0+deb13u1_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Feb 17 09:05:16 GMT 2026
Thank you for your contribution to Debian.
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Feb 2026 10:55:46 +0100
Source: roundcube
Architecture: source
Version: 1.6.13+dfsg-0+deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers at alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guilhem at debian.org>
Closes: 1127447
Changes:
roundcube (1.6.13+dfsg-0+deb13u1) trixie-security; urgency=high
.
* New upstream security and bugfix release (closes: #1127447).
+ Fix CVE-2026-26079: CSS injection vulnerability.
+ Fix CVE-2026-25916: Remote image blocking bypass via SVG content.
* Refresh d/patches.
Checksums-Sha1:
c348b2e7bf4efe548605f1d67f813270b58db63f 3860 roundcube_1.6.13+dfsg-0+deb13u1.dsc
9cffccd7409097cd951c6a301230e712ca30b5ac 126848 roundcube_1.6.13+dfsg.orig-tinymce-langs.tar.xz
c841bd314674c7f069eba9d4515046045648f9ac 1928572 roundcube_1.6.13+dfsg.orig-tinymce.tar.xz
6a98b0e3c3015e0e442ef43212f9b51ff43dd0fc 2791584 roundcube_1.6.13+dfsg.orig.tar.xz
1be6ef5be71184dd2be0260e8ede8586c89f08dc 153832 roundcube_1.6.13+dfsg-0+deb13u1.debian.tar.xz
90acbf510745f924e0dd3fa71b74e208c5947b87 6218 roundcube_1.6.13+dfsg-0+deb13u1_source.buildinfo
Checksums-Sha256:
7c169487882e1ffaedd726c82501f2202373241e7df3718241a3e400e4bd79cf 3860 roundcube_1.6.13+dfsg-0+deb13u1.dsc
1750888d9f093edf8768a39596d972a05b6486c482d9e8373ddbe4f33478768f 126848 roundcube_1.6.13+dfsg.orig-tinymce-langs.tar.xz
114a0e70e70eeee5ddfa6107b0e510775cf9a8c25da1ff7a7cd6b1937321ea2d 1928572 roundcube_1.6.13+dfsg.orig-tinymce.tar.xz
47ea183831490f041f1a78e8ebd38c6ef81bc960e56bba6e7b052c8844138c27 2791584 roundcube_1.6.13+dfsg.orig.tar.xz
28b2e476cbcd70f78aed03a35701eece151505b4d0dd2ce7025e71f1b1341e1a 153832 roundcube_1.6.13+dfsg-0+deb13u1.debian.tar.xz
dfffe37effdcd76748bd9eb65673bb44cd5f4828a525769283a202eb5147c9ec 6218 roundcube_1.6.13+dfsg-0+deb13u1_source.buildinfo
Files:
fe568a5395b610448cab3af925faf886 3860 web optional roundcube_1.6.13+dfsg-0+deb13u1.dsc
faeb01ac97252b3d512f14588360c105 126848 web optional roundcube_1.6.13+dfsg.orig-tinymce-langs.tar.xz
e01238c32739e21c1395696853cef58d 1928572 web optional roundcube_1.6.13+dfsg.orig-tinymce.tar.xz
94ea1990732667ee07a8760bcf73e26c 2791584 web optional roundcube_1.6.13+dfsg.orig.tar.xz
2b746a6841b73b7bb4b23ab6055a2ee2 153832 web optional roundcube_1.6.13+dfsg-0+deb13u1.debian.tar.xz
0ffbb695c368fcff4993dd216c57bed9 6218 web optional roundcube_1.6.13+dfsg-0+deb13u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmmMU40ACgkQ05pJnDwh
pVIkmQ/7BG10vc50VlSfXxuMMHR9Yh6MHC0HsHqvRkeUkq4EQ2EhjLDqPBDIs+Ay
96A0G1nF49bdogiiXDMUqJ+r0i48ZlrWe19tslNLR2JE8u0XlcFHpi6OfHKwGhGW
K5by48BYffbr2PK4nf2cPsA5lirtotYMSh70iErbNTNzXVJAm5Gh6c99eqWdWD+0
mJaBIGLLCMV4GyRjXqPZGCSqTIa9YUQBhnBanlDtqSNXnhD66c2sloX555EXrwS9
TRAPEg2t0nkdhiBTsegSs60dLqVQuFmX8WlPPimxEQ/qZ0uw92mDKLKaIC9bDp5B
dDPXiy3jzmMwX1YJgeT1Bj3LXIduS+kVPYReWxAt9eAiS7VHJqLyDjZ1HHYU5D/F
t6zDe6WW7bHDXnBvxRBJhmDlbVO3v3wAJSiOyWrgIoBBoRDYtxO6lUR48hnczGXr
9G2kZBCSNFxoZhp3NBtAIxl+6GvLPc/5hn0JWTsRssGKRbqhpC6HFfjtg9NsDaWl
s+bnR1TG1V+E+iba6uYf158NHCQ4QzZnsz6WEC86R+YrEk53l/hu3AoTDXvzhAOm
TI4WAOqxQxi/H/gbxDYgonPZLMIkkS3IAqBaUUCydYYG92Qt2yAa1jCORW4VGu9Q
2FxOkXMIPkl0Jp5fLW9BGvt1/aQXK9GydboV8x4GQto26gp/ip8=
=Cuj0
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-roundcube-maintainers/attachments/20260217/92f46062/attachment.sig>
More information about the Pkg-roundcube-maintainers
mailing list