On Mon, 13 Jul 2009 14:28:30 +0200
Nico Golde n...@debian.org wrote:
* Gerfried Fuchs rho...@deb.at [2009-07-13 14:17]:
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10
17:14:45 CEST]:
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports.
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10 20:08:57 CEST]:
On Fri, 10 Jul 2009 19:45:41 +0200 Nico Golde n...@debian.org wrote:
I see roundcube-0.1.1-10~bpo40+2 still in backports. [..]
That's why I marked this bug as done with the unstable version.
Sorry, maybe I got
On Montag, 13. Juli 2009, Gerfried Fuchs wrote:
- in this case it was Holger Levsen. Though, I just asked him and he
said that he doesn't care about etch-backports.
Given that Holger gives a damn
thanks for your understanding and your well done summary of my position.
love,
Holger,
Hi,
On Montag, 13. Juli 2009, Gerfried Fuchs wrote:
- in this case it was Holger Levsen. Though, I just asked him and he
said that he doesn't care about etch-backports.
given that its not possible/desirable to have backports from squeeze in
etch-bpo (see
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10 17:14:45 CEST]:
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports. I presume this
doesn't include the patch to fix this specific issue.
Erm, are you sure? According to Nico it was fixed in 0.1.1-9
Hi again!
* Holger Levsen hol...@layer-acht.org [2009-07-13 12:10:41 CEST]:
On Montag, 13. Juli 2009, Gerfried Fuchs wrote:
- in this case it was Holger Levsen. Though, I just asked him and he
said that he doesn't care about etch-backports.
given that its not possible/desirable to
Hi,
* Gerfried Fuchs rho...@deb.at [2009-07-13 14:17]:
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10 17:14:45 CEST]:
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports. I presume this
doesn't include the patch to fix this specific issue.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 13 Jul 2009 14:27:31 +0200
Gerfried Fuchs rho...@deb.at wrote:
... which, in the case of this bugreport, is done. 0.1.1-9 did fix
CVE-2008-5619 for etch-backports, so it rather seems to me that
Benjamin got some things mixed up, unless
On Montag, 13. Juli 2009, Gerfried Fuchs wrote:
I'd still
recommend to upgrade to lenny, but thats the beauty of free software:
there is more than one way to do it and everybody can get involved :-)
Unfortunately, lenny doesn't ship roundcube so that doesn't buy one
anything.
I ment:
OoO Vers la fin de l'après-midi du vendredi 10 juillet 2009, vers 16:21,
Benjamin Bannier be...@netronaut.de disait :
I have roundcube 0.1.1.10 installed from backports, and I see people
exploiting roundcube CVE-2008-5619
(http://trac.roundcube.net/ticket/1485618).
Any chances the fix
Package: roundcube
Version: 0.2.2-1
Severity: grave
Tags: security
Justification: user security hole
Hi,
I have roundcube 0.1.1.10 installed from backports, and I see people
exploiting roundcube CVE-2008-5619
(http://trac.roundcube.net/ticket/1485618).
Any chances the fix mentioned there could
Hi,
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports. I presume this
doesn't include the patch to fix this specific issue.
I urge you to please make a version bump to backports since this is a
security issue.
Thanks,
Benjamin
--
To UNSUBSCRIBE, email to
Hi,
* Benjamin Bannier benjamin.bann...@netronaut.de [2009-07-10 17:35]:
thanks for your quick response.
I see roundcube-0.1.1-10~bpo40+2 still in backports. I presume this
doesn't include the patch to fix this specific issue.
That's why I marked this bug as done with the unstable
version.
Benjamin Bannier schrieb am Friday, den 10. July 2009:
On Fri, 10 Jul 2009 19:45:41 +0200
Nico Golde n...@debian.org wrote:
I see roundcube-0.1.1-10~bpo40+2 still in backports. [..]
That's why I marked this bug as done with the unstable version.
Sorry, maybe I got confused. I
On Fri, 10 Jul 2009 19:45:41 +0200
Nico Golde n...@debian.org wrote:
I see roundcube-0.1.1-10~bpo40+2 still in backports. [..]
That's why I marked this bug as done with the unstable version.
Sorry, maybe I got confused. I reported this bug here because the
backports version was listed in
15 matches
Mail list logo
