- update to 1.6.5 (bsc#1216895)

* Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download OBS-URL: https://build.opensuse.org/package/show/server:php:applications/roundcubemail?expand=0&rev=168
2023-11-06 16:41:04 +00:00 · 2023-11-06 16:41:04 +00:00 · 71be053b53
commit 71be053b53
parent 24ef24c416
6 changed files with 29 additions and 21 deletions
--- a/roundcubemail-1.6.4-complete.tar.gz
+++ b/roundcubemail-1.6.4-complete.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a5eabc7e0828e0261879aec90a9d4a6dc0203e988e14de2f93d6c061e64891c8
-size 6027429
--- a/roundcubemail-1.6.4-complete.tar.gz.asc
+++ b/roundcubemail-1.6.4-complete.tar.gz.asc
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQJHBAABCgAxFiEEiXDjemmK93XYfVkNwpRqlgnNVrQFAmUtBwoTHGRldnNAcm91
-bmRjdWJlLm5ldAAKCRDClGqWCc1WtAfjEACTmIH7OGdFzfyMKiRRXha/tiu45Ytp
-kN9NxaLcVrBBhYE+VvKjVOn/9+2Sav+zUfRAd6k3fVYVXaIkTfpAbK9Lh6E7gnrQ
-u2nKdcV9exfpdsS5BlwvD1VDR8FW5qIyT/vo3ki2mZxiCoFwtirDP4qV52ATTSRe
-67jqlQLpnFTwV2+RPb7WveaUggurx3nOo1PBd5F9hskB2+4BeX5EtEFtKXQx7EfH
-kHVjFbA4SnOA+CGgaJcYxbp2hoABRZ1fGV9gSn/Nr6efC29fbH9p0SjaAquQhkVP
-TVo1Fj1GPpQ8R6KK4yJ8Q+HoCDtTbbYJ3zMlDQ7E+6Qf72w1T776FqHFesGI1Vdo
-G9C8OFmU/Fr95qswKWeyykixyqRnlV53/ZDgPZ/Q3CyLxlT+9n0GOKcjpgBf+4vh
-fFVcL9PFuUtb6FzaIkrWMd7alFV93Z8//xHBc+kYfknIE9zRq7uIhv9d/+Jqcriu
-U7QFqqmxoKPOYY6fbTvtzHv2W48128ZqrUvwyLztlgKcjzvAxCPf7grB066K/TlM
-2gNrOC/ASXlL1+PiWbrr8HB4vVkeibMtBx3GsbImzsxF+HC21/gsT/Ngd3zEJSco
-CZrVZSpHAuQhtR9Htq3zTX/VsWsC5YillEoD8oj1fv4rQQWQen4dFsy0tNz/24An
-vI0dNXmpMjYQdg==
-=q5xQ
-----END PGP SIGNATURE-----
--- a/roundcubemail-1.6.5-complete.tar.gz
+++ b/roundcubemail-1.6.5-complete.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:164b72cb78de89d104741ee9090f4024e63bfada43949034844365f3fa70b5fd
+size 6028873
--- a/roundcubemail-1.6.5-complete.tar.gz.asc
+++ b/roundcubemail-1.6.5-complete.tar.gz.asc
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJHBAABCgAxFiEEiXDjemmK93XYfVkNwpRqlgnNVrQFAmVHW7wTHGRldnNAcm91
+bmRjdWJlLm5ldAAKCRDClGqWCc1WtKBvD/43aAtElaQTNTNA+IUAiTofdFkrUWlN
+VzMK/fUv8kmpJ975fB+PUYr+hKzUj+xBRWTq64PZkL1q78xJ0g0dNxYgZhkCO3d2
+oTP3EfoE0EqXvIXBnL54ftdu6d65Pw2m7qBZxMRA5XmuLbG23bZlcrCIUbRHvhFv
+odOsr82jOYWzFwNYDYDDFYeqSXDmX8ISIJcn/Y7gP4Ifenz9YXtVSFG0zMGDOFcN
+x2oxqEUx2guQBGvKXToOCADr33sB7rigY0MqvhP1Z10D2eOk4ViExNyTRVQQuepm
+eyudQeyZlC0lLhWteuJyjgH/dX9mtjyGfQ6Eqr3HpR8untY1NNYebEgwFFbrlmr4
+Q9fLGU/HOXUcvpceZUR/mV60apuXcLRZ18qsjgMQjqnr6Eeq0Pg9Jpe6Hkb1xSYJ
+vGVC5j/BMKH5b3ZNLc0VuoUFDFAoFyecivBYgWgEWag+Hfmw21TZKT1i+Hn5jWav
+OD4bT7n/jmZI4eYbOmmf4vRSwv3uHj+9K80IM09mrIHNnL1R6MqeBezkF2vjdr9b
+oy1dkEL8UDyfhklz+e5npR1ouJw4FttVqX5tLAbFzpgn80EKQD4N7oRTiZNQV/6w
+fTKJH/2lqHSmqPLGwmXHDE9EGCOMyf6t3AXM0929pgKZwxTDUE7JQyaAMEHA8ZOC
+P2qfZNVxQyrcbQ==
+=dpSa
+-----END PGP SIGNATURE-----
--- a/roundcubemail.changes
+++ b/roundcubemail.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Nov  6 16:39:57 UTC 2023 - Lars Vogdt <lars@linux-schulserver.de>
+
+- update to 1.6.5 (bsc#1216895)
+  * Fix cross-site scripting (XSS) vulnerability in setting 
+    Content-Type/Content-Disposition for attachment 
+    preview/download
+
 -------------------------------------------------------------------
 Wed Oct 25 15:36:52 UTC 2023 - Lars Vogdt <lars@linux-schulserver.de>

--- a/roundcubemail.spec
+++ b/roundcubemail.spec
@ -20,7 +20,7 @@
 %define roundcubeconfigpath %{_sysconfdir}/%{name}

 Name:           roundcubemail
-Version:        1.6.4
+Version:        1.6.5
 Release:        0
 Summary:        A browser-based multilingual IMAP client
 License:        BSD-3-Clause AND GPL-2.0-only AND GPL-3.0-or-later