From f351839b04108a6d329e05f788a37a8fe530b36fa610e34f97426425736b6078 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Tue, 28 Aug 2012 08:03:01 +0000
Subject: [PATCH] Accepting request 131825 from home:wrosenauer

OBS-URL: https://build.opensuse.org/request/show/131825
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/roundcubemail?expand=0&rev=38
---
 roundcubemail.changes | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/roundcubemail.changes b/roundcubemail.changes
index cbd8562..561c8fe 100644
--- a/roundcubemail.changes
+++ b/roundcubemail.changes
@@ -4,6 +4,13 @@ Thu Aug 23 06:32:14 UTC 2012 - wr@rosenauer.org
 - Update to version 0.8.1
   * lot of bugfixes and new features including new skin
     (please check the CHANGELOG)
+  * contains security related fixes (bnc#777446)
+    * Fix XSS vulnerability in message subject handling using
+      Larry skin (CVE-2012-3507)
+    * Fix XSS issue where plain signatures wasn't secured in HTML
+      mode (CVE-2012-3508)
+    * Fix XSS issue where href="javascript:" wasn't secured
+      (CVE-2012-3508)
 
 -------------------------------------------------------------------
 Sat May 12 17:59:17 UTC 2012 - wr@rosenauer.org