I've added the Debian Bug link. There is another security related bug fixed in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509596. The changeset mentioned above covers both.
** Bug watch added: Debian Bug tracker #508628 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508628 ** Also affects: roundcube (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508628 Importance: Unknown Status: Unknown -- CVE-2008-5619 - Roundcube vulnerable and actively exploited https://bugs.launchpad.net/bugs/316550 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs