Hello community,
here is the log from the commit of package roundcubemail for openSUSE:Factory
checked in at 2020-06-03 20:36:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/roundcubemail (Old)
and /work/SRC/openSUSE:Factory/.roundcubemail.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "roundcubemail"
Wed Jun 3 20:36:47 2020 rev:63 rq:811176 version:1.4.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/roundcubemail/roundcubemail.changes
2020-05-08 23:08:46.622282088 +0200
+++ /work/SRC/openSUSE:Factory/.roundcubemail.new.3606/roundcubemail.changes
2020-06-03 20:37:11.170049691 +0200
@@ -1,0 +2,32 @@
+Wed Jun 3 08:20:49 UTC 2020 - Lars Vogdt <l...@linux-schulserver.de>
+
+- update to 1.4.5
+ Security fixes
+ * Fix XSS issue in template object 'username' (#7406)
+ * Fix cross-site scripting (XSS) via malicious XML attachment
+ * Fix a couple of XSS issues in Installer (#7406)
+ * Better fix for CVE-2020-12641
+ Other changes
+ * Fix bug in extracting required plugins from composer.json that led
+ to spurious error in log (#7364)
+ * Fix so the database setup description is compatible with MySQL 8 (#7340)
+ * Markasjunk: Fix regression in jsevent driver (#7361)
+ * Fix missing flag indication on collapsed thread in Larry and Elastic
(#7366)
+ * Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373,
#7367)
+ * Password: Fix issue with Modoboa driver (#7372)
+ * Mailvelope: Use sender's address to find pubkeys to check signatures
(#7348)
+ * Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
+ * Fix PHP warning: count(): Parameter must be an array or an object...
+ in ID command handler (#7392)
+ * Fix error when user-configured skin does not exist anymore (#7271)
+ * Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
+ * Fix bug where PDF attachments marked as inline could have not been
+ attached on mail forward (#7382)
+ * Security: Fix a couple of XSS issues in Installer (#7406)
+ * Security: Fix XSS issue in template object 'username' (#7406)
+ * Security: Fix cross-site scripting (XSS) via malicious XML attachment
+ * Security: Better fix for CVE-2020-12641
+- renamed roundcubemail-1.4.4-config_dir.patch to
+ roundcubemail-1.4.5-config_dir.patch
+
+-------------------------------------------------------------------
Old:
----
roundcubemail-1.4.4-complete.tar.gz
roundcubemail-1.4.4-complete.tar.gz.asc
roundcubemail-1.4.4-config_dir.patch
New:
----
roundcubemail-1.4.5-complete.tar.gz
roundcubemail-1.4.5-complete.tar.gz.asc
roundcubemail-1.4.5-config_dir.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ roundcubemail.spec ++++++
--- /var/tmp/diff_new_pack.I3kCQY/_old 2020-06-03 20:37:12.046052436 +0200
+++ /var/tmp/diff_new_pack.I3kCQY/_new 2020-06-03 20:37:12.050052449 +0200
@@ -22,7 +22,7 @@
%define roundcubeconfigpath %{_sysconfdir}/%{name}
%define php_major_version %(php -r "echo PHP_MAJOR_VERSION;")
Name: roundcubemail
-Version: 1.4.4
+Version: 1.4.5
Release: 0
Summary: A browser-based multilingual IMAP client
License: GPL-3.0-or-later AND GPL-2.0-only AND BSD-3-Clause
++++++ roundcubemail-1.4.4-complete.tar.gz ->
roundcubemail-1.4.5-complete.tar.gz ++++++
/work/SRC/openSUSE:Factory/roundcubemail/roundcubemail-1.4.4-complete.tar.gz
/work/SRC/openSUSE:Factory/.roundcubemail.new.3606/roundcubemail-1.4.5-complete.tar.gz
differ: char 5, line 1
++++++ roundcubemail-1.4.4-config_dir.patch ->
roundcubemail-1.4.5-config_dir.patch ++++++
