Package Release Info

roundcubemail-1.3.16-bp152.4.10.1

Update Info: openSUSE-2021-959
Available in Package Hub : 15 SP2 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

roundcubemail

Change Logs

* Mon Dec 28 2020 Lars Vogdt <lars@linux-schulserver.de>

- Upgrade to version 1.3.16
  This is a security update to the LTS version 1.3.
  It fixes a recently reported stored cross-site scripting (XSS)
  vulnerability via HTML or plain text messages with malicious content.
  References:
  [CVE-2020-18670]: boo#1187707
  [CVE-2020-18671]: boo#1187706
  [CVE-2020-35730]: boo#1180399

Version: 1.3.16-bp151.4.6.1

* Mon Dec 28 2020 Lars Vogdt <lars@linux-schulserver.de>

- update to 1.4.10:
  * Stored cross-site scripting (XSS) via HTML or plain text messages
    with malicious content ( CVE-2020-35730 boo#1180399 )
  * Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655)
  * Fix folder list issue when special folder is a subfolder (#7647)
  * Fix Elastic's folder subscription toggle in search result (#7653)
  * Fix state of subscription toggle on folders list after changing
    folder state from the search result (#7653)
  * Security: Fix cross-site scripting (XSS) via HTML or plain text
    messages with malicious content

Version: 1.3.15-bp153.1.14

Version: 1.3.15-bp152.4.3.1

Version: 1.3.15-bp151.4.3.1

* Thu Aug 13 2020 Lars Vogdt <lars@linux-schulserver.de>

- finally renamed roundcubemail-1.4.8-config_dir.patch to
  roundcubemail-config_dir.patch to avoid additional roundtrip
  times with each submission:
  + removed roundcubemail-1.4.7-config_dir.patch
  + added  roundcubemail-config_dir.patch