Subject: CVS commit: [pkgsrc-2020Q2] pkgsrc/mail
From: Benny Siegert
Date: 2020-08-23 20:58:29
Message id: 20200823185829.26820FB28@cvs.NetBSD.org

Log Message:
Pullup ticket #6302 - requested by taca
mail/roundcube: security fix

Revisions pulled up:
- mail/roundcube-plugin-password/distinfo                       1.21
- mail/roundcube/Makefile.common                                1.21
- mail/roundcube/distinfo                                       1.72

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Aug 10 22:30:41 UTC 2020

   Modified Files:
   	pkgsrc/mail/roundcube: Makefile.common distinfo
   	pkgsrc/mail/roundcube-plugin-password: distinfo

   Log Message:
   mail/roundcube: update to 1.4.8

   Update roundcube to 1.4.8, security release.

   RELEASE 1.4.8
   -------------
   - Security: Fix potential XSS issue in HTML editor of the identity signature \ 
input (#7507)
   - Managesieve: Fix too-small input field in Elastic when using custom headers \ 
(#7498)
   - Fix support for an error as a string in message_before_send hook (#7475)
   - Elastic: Fix redundant scrollbar in plain text editor on mail reply (#7500)
   - Elastic: Fix deleted and replied+forwarded icons on messages list (#7503)
   - Managesieve: Allow angle brackets in out-of-office message body (#7518)
   - Fix bug in conversion of email addresses to mailto links in plain text \ 
messages (#7526)
   - Fix format=flowed formatting on plain text part derived from the HTML \ 
content (#7504)
   - Fix incorrect rewriting of internal links in HTML content (#7512)
   - Fix handling links without defined protocol (#7454)
   - Fix paging of search results on IMAP servers with no SORT capability (#7462)
   - Fix detecting special folders on servers with both SPECIAL-USE and \ 
LIST-STATUS (#7525)
   - Security: Fix cross-site scripting (XSS) via HTML messages with malicious \ 
svg content [CVE-2020-16145]
   - Security: Fix cross-site scripting (XSS) via HTML messages with malicious \ 
math content

Files:
RevisionActionfile
1.19.2.2modifypkgsrc/mail/roundcube/Makefile.common
1.70.2.2modifypkgsrc/mail/roundcube/distinfo
1.19.2.2modifypkgsrc/mail/roundcube-plugin-password/distinfo