914248 – mail-client/roundcube-1.6.3 version bump

Bug 914248 - mail-client/roundcube-1.6.3 version bump

Summary: mail-client/roundcube-1.6.3 version bump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2023-09-15 20:06 UTC by Philippe Chaintreuil
Modified:	2023-09-15 20:17 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Philippe Chaintreuil 2023-09-15 20:06:11 UTC

Roundcube 1.6.3 has been released.

"Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages"

Announcement: https://roundcube.net/news/2023/09/15/security-update-1.6.3-released
Changelog: https://github.com/roundcube/roundcubemail/releases/tag/1.6.3

Reproducible: Always

Comment 1 Philippe Chaintreuil 2023-09-15 20:17:54 UTC

Whoops.  Looks like I was too slow.  1.6.3 already got added to the tree:

https://github.com/gentoo/gentoo/commit/7706728f2f0956986948e08b195d2b2ef0a761f9