❦ 17 janvier 2015 17:13 +0100, Moritz Muehlenhoff <j...@debian.org> :
> please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-9587 > for more information. Hi Moritz! Backporting the fix don't seem quite complex for the current version in jessie/unstable. However, this seems quite more complex for the version in stable. Moreover, the fix is unlikely to be complete since vulnerable code may have been removed/fixed silently. I have asked for removal of roundcube from testing to avoid shipping it in Jessie. None of the maintainers can commit to have enough time for security support and the current version is already a bit outdated. I'll try to backport the fix to stable. -- "Elves and Dragons!" I says to him. "Cabbages and potatoes are better for you and me." -- J. R. R. Tolkien
signature.asc
Description: PGP signature
