Summary: | <mail-client/roundcube-1.4.11: XSS vulnerability (CVE-2021-26925) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Philippe Chaintreuil <gentoo_bugs_2_peep> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | candrews, titanofold, web-apps |
Priority: | Normal | Keywords: | ALLARCHES |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [noglsa] | ||
Package list: |
mail-client/roundcube-1.4.11 amd64 arm ppc ppc64 sparc x86
|
Runtime testing required: | No |
Description
Philippe Chaintreuil
2021-02-08 22:32:55 UTC
You're late, see commit 304a04be7c684287a2ef2a03969d5dc7c7f5bf77. ;) https://awfulannouncing.com/wp-content/uploads/sites/94/2018/11/Get-Smart-Missed-It-By-That-Much.jpg Tell us when ready to stable. ping Just as a data point, I've been running 1.4.11 since Feb 8th without an issue. (But I'm not the maintainer.) Please stabilize the following target: =mail-client/roundcube-1.4.11 ~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86 amd64 arm ppc ppc64 sparc x86 (ALLARCHES) done all arches done The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5f856ca212bcdbe2096375e922030ab2e65965e commit d5f856ca212bcdbe2096375e922030ab2e65965e Author: Aaron W. Swenson <titanofold@gentoo.org> AuthorDate: 2021-02-27 10:40:27 +0000 Commit: Aaron W. Swenson <titanofold@gentoo.org> CommitDate: 2021-02-27 10:44:04 +0000 mail-client/roundcube: Cleanup Bug: https://bugs.gentoo.org/769623 Signed-off-by: Aaron W. Swenson <titanofold@gentoo.org> mail-client/roundcube/Manifest | 2 - mail-client/roundcube/roundcube-1.4.10.ebuild | 96 --------------------------- mail-client/roundcube/roundcube-1.4.8.ebuild | 73 -------------------- 3 files changed, 171 deletions(-) Thanks! |