Path to this page:
Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2020-08-23 20:58:29 by Benny Siegert | Files touched by this commit (3) | |
Log message:
Pullup ticket #6302 - requested by taca
mail/roundcube: security fix
Revisions pulled up:
- mail/roundcube-plugin-password/distinfo 1.21
- mail/roundcube/Makefile.common 1.21
- mail/roundcube/distinfo 1.72
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Aug 10 22:30:41 UTC 2020
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
Log message:
mail/roundcube: update to 1.4.8
Update roundcube to 1.4.8, security release.
RELEASE 1.4.8
-------------
- Security: Fix potential XSS issue in HTML editor of the identity signature \
input (#7507)
- Managesieve: Fix too-small input field in Elastic when using custom headers \
(#7498)
- Fix support for an error as a string in message_before_send hook (#7475)
- Elastic: Fix redundant scrollbar in plain text editor on mail reply (#7500)
- Elastic: Fix deleted and replied+forwarded icons on messages list (#7503)
- Managesieve: Allow angle brackets in out-of-office message body (#7518)
- Fix bug in conversion of email addresses to mailto links in plain text \
messages (#7526)
- Fix format=flowed formatting on plain text part derived from the HTML \
content (#7504)
- Fix incorrect rewriting of internal links in HTML content (#7512)
- Fix handling links without defined protocol (#7454)
- Fix paging of search results on IMAP servers with no SORT capability (#7462)
- Fix detecting special folders on servers with both SPECIAL-USE and \
LIST-STATUS (#7525)
- Security: Fix cross-site scripting (XSS) via HTML messages with malicious \
svg content [CVE-2020-16145]
- Security: Fix cross-site scripting (XSS) via HTML messages with malicious \
math content
|
2020-07-29 21:39:44 by Benny Siegert | Files touched by this commit (3) | |
Log message:
Pullup ticket #6274 - requested by taca
mail/roundcube: security fix
Revisions pulled up:
- mail/roundcube-plugin-password/distinfo 1.20
- mail/roundcube/Makefile.common 1.20
- mail/roundcube/distinfo 1.71
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 7 04:37:26 UTC 2020
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
Log message:
mail/roundcube: update to 1.4.7
Update roundcube to 1.4.7.
RELEASE 1.4.7
-------------
- Fix bug where subfolders of special folders could have been duplicated on \
folder list
- Increase maximum size of contact jobtitle and department fields to 128 \
characters
- Fix missing newline after the logged line when writing to stdout (#7418)
- Elastic: Fix context menu (paste) on the recipient input (#7431)
- Fix problem with forwarding inline images attached to messages with no HTML \
part (#7414)
- Fix problem with handling attached images with same name when using \
database_attachments/redundant_attachments (#7455)
- Security: Fix cross-site scripting (XSS) via HTML messages with malicious \
svg/namespace
|
Next | Query returned 2 messages, browsing 1 to 10 | previous