On Mon, 13 Jul 2009 14:28:30 +0200
Nico Golde n...@debian.org wrote:
* Gerfried Fuchs rho...@deb.at [2009-07-13 14:17]:
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10
17:14:45 CEST]:
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 13 Jul 2009 14:27:31 +0200
Gerfried Fuchs rho...@deb.at wrote:
... which, in the case of this bugreport, is done. 0.1.1-9 did fix
CVE-2008-5619 for etch-backports, so it rather seems to me that
Benjamin got some things mixed up, unless
Package: roundcube
Version: 0.2.2-1
Severity: grave
Tags: security
Justification: user security hole
Hi,
I have roundcube 0.1.1.10 installed from backports, and I see people
exploiting roundcube CVE-2008-5619
(http://trac.roundcube.net/ticket/1485618).
Any chances the fix mentioned there could
Hi,
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports. I presume this
doesn't include the patch to fix this specific issue.
I urge you to please make a version bump to backports since this is a
security issue.
Thanks,
Benjamin
--
To UNSUBSCRIBE, email to
On Fri, 10 Jul 2009 19:45:41 +0200
Nico Golde n...@debian.org wrote:
I see roundcube-0.1.1-10~bpo40+2 still in backports. [..]
That's why I marked this bug as done with the unstable version.
Sorry, maybe I got confused. I reported this bug here because the
backports version was listed in
5 matches
Mail list logo
