pool/roundcubemail
SHA256
17
0
Fork 2
Code Issues Pull Requests 2 Activity

Add CVE ids to the factory changes file #4

Open
abergmann wants to merge 1 commits from abergmann/roundcubemail:add-CVE-number-to-factory into factory
pull from: abergmann/roundcubemail:add-CVE-number-to-factory
merge into: pool:factory
Conversation 0 Commits 1 Files Changed 1 +6 -4
abergmann commented 2026-03-04 13:58:09 +01:00
Contributor
Copy Link

The following CVEs got added to the existing changelog entries:

  • update to 1.6.13

    • Fix CSS injection vulnerability reported by CERT Polska (boo#1258052, CVE-2026-26079).
    • Fix remote image blocking bypass via SVG content reported by nullcathedral (boo#1257909, CVE-2026-25916).

  • update to 1.6.12

    • Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike (boo#1255308, CVE-2025-68461).
    • Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev (boo#1255306, CVE-2025-68460).
The following CVEs got added to the existing changelog entries: - update to 1.6.13 + Fix CSS injection vulnerability reported by CERT Polska (boo#1258052, CVE-2026-26079). + Fix remote image blocking bypass via SVG content reported by nullcathedral (boo#1257909, CVE-2026-25916). - update to 1.6.12 + Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike (boo#1255308, CVE-2025-68461). + Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev (boo#1255306, CVE-2025-68460).
abergmann added 1 commit 2026-03-04 13:58:09 +01:00
Add CVE ids to the factory changes file c0b40c713d
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u add-CVE-number-to-factory:abergmann-add-CVE-number-to-factory
git checkout abergmann-add-CVE-number-to-factory
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
legaldb
Critical Priority
Critical legaldb priority
Archived
legaldb
High Priority
2
High legaldb priority
legaldb
Normal Priority
1
Normal legaldb priority
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
adamm_super adrianSuSE autobuild-owner autobuild-review autogits_workflow_pr_bot bigironman dirkmueller eroca factory_bot gitea_test legaldb lkocman-factory maxlin_factory opensuse-review packagehub-review smithfarm
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: pool/roundcubemail#4
Delete Branch "abergmann/roundcubemail:add-CVE-number-to-factory"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?