[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 613-2] roundcube regression update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : roundcube
Version        : 0.7.2-9+deb7u8
Debian Bug     : 843795 851214

The security update announced as DLA-613-1 caused a regression. A
missing null parameter set the $task variable in the rcmail_url()
function to a boolean value which led to service not available errors
when viewing attached images. Updated packages are now available to
correct this issue.

For Debian 7 "Wheezy", these problems have been fixed in version
0.7.2-9+deb7u8.

We recommend that you upgrade your roundcube packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAll6Uz9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeS1uxAAg2aOtL0v4Rh+RzwSoAelbhFHsOoZuzNb1thdKgGQHxlB1nm1+6kfwV8h
v7ftr8nu+6wx3emJpel5rQXW0oW9PV73WtytmeC3yp1htYa+dYfqFSYYsgoXLlb5
xVcXFslY+3SOTRkZbtD46oQbda5HTCCjAkQs6gNN9Si1X3hn0FGpYb5ykPb91g0k
em5IsVIOFBmF2HsCQPk0LiSpNULfT95crO+ZTfjyQ+ho8On6MJovadwE+5AtzzYu
8cRWITbdNrlTBqBUytdQN+2jtHpn1jKkTOsC6slNCZ3FvgnEIq4AVDqrB+ebtRR9
2QqoPN8oUOU3QxSQOJjUXzMtsYIj/Tt/D1EZWxPzWfm3dxgZuiPwtTVUnOHsIR3D
EsPWMtTRdVD0VHh1zLf8zMyqAbHLWEASwg95bSjCoLZXL+USMf3J5ktdu7A/fRWF
riEgYZHeLPzJ9Y7zT5mnTCsZdcMXyiKdWLTNFN1EVsIlGqEsi1uCA6rIyXeknkCc
Nz6vNPfvKUa/X2pW7D0RSzDLbpoksuT8FfuFfWlO3S7/V+V/QcWfPjJQqraTcykl
cHvHX5wz2aj/8Kzr5etU3cKUcdAy5T0YVOCw6a7oVm5XJkKx990bITKQvRTnggJF
fC219bVM/7W4K4wAqisk5OgmmbPgUPf8P8bd4vJVdzy+3OjhPH4=
=n1ap
-----END PGP SIGNATURE-----


Reply to: