-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : roundcube Version : 0.7.2-9+deb7u6 CVE ID : CVE-2017-6820 Debian Bug : 857473
Roundcube, a webmail solution for IMAP servers, was susceptible to a cross-site-scripting (XSS) vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element or HTML message. For Debian 7 "Wheezy", these problems have been fixed in version 0.7.2-9+deb7u6. We recommend that you upgrade your roundcube packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAljHHXFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSNYBAAzC44HpIlY+asJnon86febmNDi/BIZXi9WoiMurZ0cNEtk9q7mQ1OXxld uk9UHF40TyjkOqouKq4JwfV0r3qjaV4WxWcHZnOtF7H15Px4+om0nsG9OwKF4RBP /ZNcHxMl+W7BIpZVf4bFhxVMjqRojwmOodLRU87ATjnsPrAdmeFb6/4B0M+z0EGT dtO8INPbWzp5AU2mIB7oBYBpv0B1LMpacGHuJmZSmj/U7cxoTobTP482gA2Qo8Rj K96z3USkiw2d5Ji9a4zY52h3LEaDcCRQfrDEum3VUfEOKyJSdGkYg4ZFcnM0vJYB WFqP+pEtkmPdvse/acWRZPYDzuy3b3JpNYknHeRfdjxk6kggDCsBPIiLp/6vPmEb lLgSYE0Io1Tf00XeooD3MFssaDWy4cVEBgfUU15Eu8xn4OsXnFjBjKvxVeVAqDdR pi6PjvYrMPllvAA8ZYBoD3jvoyzpPsIAJ1SlyOQiAiJrFhgTNSO1FqZJf+kY2DHo ZFW70HJdYTQ4dujZi9RvaWVEZiEvecu2EHrWkO4vyCre+q3hUbLxG5cIfiWoscYD j1koRHSDN4newSdqGeFC/4xX2E+GxBZ/V92uffnzbqymKbweMPNfHhmxaraXaRyb EANS4quF1S7GhHl0ofQtcSZaFHrAWNfwE6Dm0ZzPLT9uLWCrkEs= =1oua -----END PGP SIGNATURE-----
