Andrew, thanks for yours patches. I just reviewed them and the patch for CVE-2008-5619 is extremely invasive and does not seem to go along with Debian's changes as you mentioned in the changelog. Can you look at Debian's 0.1.1-10, redo the patch and resubmit? Also, please reference this bug number in your changelog.
Once you have resubmitted the debdiffs, please remark the bug status to 'In Progress' and please state the testing performed on the new packages. -- [CVE-2008-5619] [CVE-2008-5620] - Roundcube vulnerable and actively exploited https://bugs.launchpad.net/bugs/316550 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
