roundcubemail-0.8.5-1.el6 security update
|Release:||Fedora EPEL 6|
|Date Submitted:||2013-02-08 16:08:59|
|Date Released:||2013-02-09 01:07:31|
Upstream ticket:  http://trac.roundcube.net/ticket/1488850
Further details:  http://trac.roundcube.net/attachment/ticket/1488850/RoundCube2XSS.pdf
Upstream patch:  https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
References:  http://sourceforge.net/news/?group_id=139281&id=310213  http://www.openwall.com/lists/oss-security/2013/02/07/11  http://www.openwall.com/lists/oss-security/2013/02/08/1Bugs Fixed909304 - CVE-2012-6121: roundcubemail: Cross-site scripting (XSS) in vbscript: and data:text URL handling [fedora-all]bodhi - 2013-02-08 16:09:20This update has been submitted for testing by limb.
bodhi - 2013-02-09 00:08:07This update is currently being pushed to the Fedora EPEL 6 testing updates repository.
bodhi - 2013-02-09 01:44:12This update has been pushed to testing
orion - 2013-02-20 23:50:09Working here
bodhi - 2013-02-23 10:06:32This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2013-02-25 00:00:30This update has been submitted for stable by limb.
bodhi - 2013-02-25 15:59:17This update is currently being pushed to the Fedora EPEL 6 stable updates repository.
bodhi - 2013-02-25 18:34:21This update has been pushed to stable