-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 26 May 2026 01:08:43 +0200
Source: roundcube
Architecture: source
Version: 1.6.5+dfsg-1+deb12u9
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Roundcube Maintainers <[email protected]>
Changed-By: Guilhem Moulin <[email protected]>
Closes: 1137507
Changes:
 roundcube (1.6.5+dfsg-1+deb12u9) bookworm-security; urgency=high
 .
   * Cherry pick upstream security fixes from v1.6.16 (closes: #1137507).
     + Fix CVE-2026-48842: pre-auth SQL injection in `virtuser_query` plugin
       via `preg_replace()` backslash escape bypass.
     + Fix CVE-2026-48843: SSRF bypass via specific local address URLs.  Add
       support for non quad-dotted IPs and non-decimal fields to
       d/p/Avoid-dependency-on-new-package-mlocati-ip-lib.patch in order to
       match the new upstream behavior.
     + Fix CVE-2026-48844: Code injection vulnerability via code evaluation
       support in LDAP autovalues option.  Code evaluation support has now been
       removed.
     + Fix CVE-2026-48845: Local/private URL fetch bypass when remote resources
       were not allowed.
     + Fix CVE-2026-48846: Bypass of remote image blocking via CSS `var()`.
     + Fix CVE-2026-48847: Pre-auth arbitrary file delete via redis/memcache
       session poisoning bypass.
     + Fix CVE-2026-48848: CSS injection bypass in HTML sanitizer via SVG
       <animate attributeName="style">.
     + Fix CVE-2026-48849: Stored XSS/HTML/CSS injection in subject field of
       the draft restore dialog.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
