- Update to 1.2.7:

+ Fix file disclosure vulnerability caused by insufficient input validation (CVE-2017-16651; boo#1067574) OBS-URL: https://build.opensuse.org/package/show/server:php:applications/roundcubemail?expand=0&rev=113
2017-11-10 12:02:33 +00:00 · 2017-11-10 12:02:33 +00:00 · dc06759b1a
commit dc06759b1a
parent e60f3308d2
6 changed files with 27 additions and 20 deletions
--- a/roundcubemail-1.2.6.tar.gz
+++ b/roundcubemail-1.2.6.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:770ca587e2ff217609c6d0a5821f1bb68ec2866a15f4151e904194a52969bdf4
-size 3596524
--- a/roundcubemail-1.2.6.tar.gz.asc
+++ b/roundcubemail-1.2.6.tar.gz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIcBAABCAAGBQJZtUO9AAoJEMKUapYJzVa0tFoP/RKWasE+QnQw+8b1Z3mGcstu
-zLL8lRqxOx1foI5bOl7UFZdxHUEtb/VAWb5K7E5ipMvG2D4oPLURJ6qrHiN5hyfl
-lrnjqVt8agmpCUKQ4go+m529hPKuqPTQTh0n9Fryttd2WMSn2p18g5D9WgJwP3aJ
-/FfYKAZr1q7F2PPhaeXKF3l+nSOtVJ+MdOOXiPRhxhft/eVjMqt5oMbn9Eu8WkmU
-Bv0Qvy6Qp2HS61e/09msZnKb+6HLyypZr+ZBMZgsgdBN2QwMyq4HKiMLu6QGQqPG
-cpPSBwY4rLrMbUOkeO/5BLI8mrpMJVztudVPM0kogCS1xjV+cCwIj5YjD1gQO24M
-7L12wAyS/kn+J7dzpbcwSGakM3NxkOMgzWvk7aHXH2O2KCAFgqB3DbmF0uRQZhpb
-Ou4S10N6LywUkaVAvjV08Ea0raFTQ/GjpKEUD5bxyi5vXk3JzyNjmlSP8rrCJ/IO
-XCkSK1hrtB9x17EDGlKMVXq+V1cmXg7Q/lPQFywXCdASEC5YCpP08nYkFygbDgwl
-Vx68Mv0Mk/l88uW9OcbIFSGG+XDEHnVCJVylGUtzlYSJ0NyJINptgfg6x5ct/3F8
-RParPOAbijMhQ89I+v4Mwupdzecmo9IKmYLNlnYOYjdQlibJY2a73QHFpLb5DWVg
-qTZm8wnoJYOpmp3mf/Vt
-=kt9V
-----END PGP SIGNATURE-----
--- a/roundcubemail-1.2.7.tar.gz
+++ b/roundcubemail-1.2.7.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:01390256365587c40cf22f79051656daf3e4b0efe133cdfa64f9b48ea22d749b
+size 3597463
--- a/roundcubemail-1.2.7.tar.gz.asc
+++ b/roundcubemail-1.2.7.tar.gz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCAAGBQJaA1KXAAoJEMKUapYJzVa0KgoP/0Ny6yneBwvKAqu6a+FjjwsT
+3ExukUj4yLn9gxqNfL0kU4dzolDVFAfYDh6fK3EiSEghXOegI2nqqi3mr419bXEQ
+9rboUv67UVrbO3og/8GM2uStIoB5WHQmFWaXyES6NKfDfl47KU5xIZcN6Ww/bquf
+GTzISSIEkBox/BiMvi5Hm0p5XUCwnj0HujFVDXGvTzgYsjK0M+6IHB2rcyZR/+PM
+n9yFH0+oNXvE/9+9RRvryt97kC0/Vl+KyQpMBUNHcZaF3hsSzNXoUOles4embte1
+HUYvxnLn52iHQ+y4p9gN5/D5FBhWaBM0J248i8c5djuDp2OpOL1lugKH9xw9QC1a
+rTDulpFrm9sshv3CiYz+5eNQ6YhERK6pp20AUoCMn3mb2JMWVFbgpsHaqCFzduOh
+oL2NOJPBtGjBcZCZsk94UwpaWkQHi1X8jFmTv0MmrhNUsvVL5p/dzp11H+sRNtc1
+ygdExAS5K+vuam4QBGKIxxACOVCNmRDpR9hGS+E4S9i0UOqt85IjUvhW8zuQXUhu
+prraNd4jtJ9/yufFC+dfNCdcnCoX9mtAGYZ7+X94O2UpDeMWn1y5krUp4ANuLaPG
+MT6QTSKBWjzeQvOPBROOmicouD0fjwiiqifC+h7JyFe0g352bWPQVtNeLgW/Z3r+
+iFYt9EM7Kh3+YhD+jkXa
+=eoxj
+-----END PGP SIGNATURE-----
--- a/roundcubemail.changes
+++ b/roundcubemail.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Fri Nov 10 10:50:57 UTC 2017 - lars@linux-schulserver.de
+
+- Update to 1.2.7:
+  + Fix file disclosure vulnerability caused by insufficient 
+    input validation (CVE-2017-16651; boo#1067574)
+
 -------------------------------------------------------------------
 Tue Sep 19 09:02:32 UTC 2017 - michael@stroeder.com

--- a/roundcubemail.spec
+++ b/roundcubemail.spec
@ -17,7 +17,7 @@


 Name:           roundcubemail
-Version:        1.2.6
+Version:        1.2.7
 Release:        0
 Summary:        A modern browser-based multilingual IMAP client
 License:        GPL-3.0+ and GPL-2.0 and BSD-3-Clause