Overview

File _patchinfo of Package patchinfo.824

<patchinfo>
  <issue id="777446" tracker="bnc">CVE-2012-3507,CVE-2012-3508: roundcubemail: XSS issues</issue>
  <issue id="CVE-2012-3508" tracker="cve" />
  <issue id="CVE-2012-3507" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>wrosenauer</packager>
  <description>
- Update to version 0.8.1
  * lot of bugfixes and new features including new skin
    (please check the CHANGELOG)
  * contains security related fixes (bnc#777446)
    * Fix XSS vulnerability in message subject handling using
      Larry skin (CVE-2012-3507)
    * Fix XSS issue where plain signatures wasn't secured in HTML
      mode (CVE-2012-3508)
    * Fix XSS issue where href="javascript:" wasn't secured
      (CVE-2012-3508)
</description>
  <summary>update for roundcubemail</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places