Bug 260838 - mail/roundcube: Security update to 1.5.2
Summary: mail/roundcube: Security update to 1.5.2
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Alex Dupre
URL: https://github.com/roundcube/roundcub...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-12-31 10:02 UTC by Bernard Spil
Modified: 2022-01-10 10:25 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (ale)


Attachments
git diff for mail/roundcube (1.15 KB, patch)
2021-12-31 10:02 UTC, Bernard Spil
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Spil freebsd_committer freebsd_triage 2021-12-31 10:02:39 UTC
Created attachment 230583 [details]
git diff for mail/roundcube

Fixes XSS vulnerability

```
mail/roundcube: Security update to 1.5.2

 * PHP 8.1 incompatible as per
   https://github.com/roundcube/roundcubemail/issues/8151

Security: 47197b47-6a1a-11ec-8be6-d4c9ef517024
MFH: 2021Q4
```
Comment 1 Vladimir Druzenko freebsd_committer freebsd_triage 2022-01-07 05:48:22 UTC
1.5.2 work for me on 12.2 amd64 with php 7.4.
Comment 2 commit-hook freebsd_committer freebsd_triage 2022-01-10 10:25:03 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=7fb0362fe62037c6d6af3df62870f41a37565eca

commit 7fb0362fe62037c6d6af3df62870f41a37565eca
Author:     Alex Dupre <ale@FreeBSD.org>
AuthorDate: 2022-01-10 10:23:51 +0000
Commit:     Alex Dupre <ale@FreeBSD.org>
CommitDate: 2022-01-10 10:23:51 +0000

    mail/roundcube: update to 1.5.2 release.

    PR:             260838
    Submitted by:   brnrd

 mail/roundcube/Makefile | 3 ++-
 mail/roundcube/distinfo | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)