Public bug reported:
Please sync roundcube 0.3.1-3 (universe) from Debian testing (main)
This is a bug fix only sync. It will also bring in a fix for
CVE-2010-0464
Changelog entries since current lucid version 0.3.1-2:
roundcube (0.3.1-3) unstable; urgency=high
* RFC 5321, section 4.5.3.1, asks to not impose any limits on length if
possible. We respect this by dropping limitation of the local-part of
an email address. Closes: #568360, #568537.
* Suggests php-auth-sasl to enable use of SASL mechanisms for mail
servers. Closes: #567550.
* Disable DNS prefetching to avoid information leakage through links
embedded in messages. This fixes CVE-2010-0464. Closes: #569660.
* Bump Standards-Version. No changes required.
-- Vincent Bernat <ber...@debian.org> Sat, 13 Feb 2010 10:21:49 +0100
** Affects: roundcube (Ubuntu)
Importance: Undecided
Status: New
--
Sync roundcube 0.3.1-3 (universe) from Debian testing (main)
https://bugs.launchpad.net/bugs/534130
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
