Package: roundcube-core Version: 1.6.8+dfsg-1 Severity: normal Tags: upstream pending Control: found -1 1.6.5+dfsg-1+deb12u3 Control: forwarded -1 https://github.com/roundcube/roundcubemail/issues/9571
The upstream fix for CVE-2024-42008 (from 1.6.8 and backported to 1.6.5+dfsg-1+deb12u3) sets a too restrictive Content-Security-Policy on the attachment preview page, which breaks printing and other handling of image attachments. -- Guilhem.
signature.asc
Description: PGP signature
