Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1

To: Guilhem Moulin <guilhem@debian.org>, 1052611@bugs.debian.org
Subject: Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 26 Sep 2023 18:21:01 +0100
Message-id: <[🔎] b79a31efab29b31dda066f42efcaa5f89d5c9eee.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1052611@bugs.debian.org
In-reply-to: <[🔎] ZRFc434_Y-IxTuJX@debian.org>
References: <[🔎] ZRFc434_Y-IxTuJX@debian.org> <[🔎] ZRFc434_Y-IxTuJX@debian.org>

Control: tags -1 confirmed

On Mon, 2023-09-25 at 12:11 +0200, Guilhem Moulin wrote:
> roundcube 1.4.13+dfsg.1-1~deb11u1 is vulnerable to CVE-2023-43770:
> cross-site scripting (XSS) vulnerability in handling of linkrefs in
> plain text messages.
> 

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
  - From: Guilhem Moulin <guilhem@debian.org>

Prev by Date: Processed: Re: Bug#1052710: bookworm-pu: package modsecurity/3.0.9-1+deb12u1
Next by Date: Processed: Re: Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
Previous by thread: Processed: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
Next by thread: Processed: Re: Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
Index(es):
- Date
- Thread