HTTP/2 200
server: BaseHTTP/0.6 Python/3.11.2
x-content-type-options: nosniff
x-frame-options: sameorigin
referrer-policy: no-referrer
x-xss-protection: 1
permissions-policy: interest-cohort=()
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, stale-while-revalidate=60
expires: Thu, 01 Jan 2026 00:21:06 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
accept-ranges: bytes
age: 0
date: Wed, 31 Dec 2025 23:21:07 GMT
via: 1.1 varnish
x-served-by: cache-bom-vanm7210071-BOM
x-cache: MISS
x-cache-hits: 0
x-timer: S1767223266.065181,VS0,VE1188
vary: Accept-Encoding
content-length: 870
DSA-6087-1Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| roundcube (PTS) | bookworm | 1.6.5+dfsg-1+deb12u5 | vulnerable |
| bookworm (security) | 1.6.5+dfsg-1+deb12u6 | fixed |
| trixie | 1.6.11+dfsg-1 | vulnerable |
| trixie (security) | 1.6.12+dfsg-0+deb13u1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| roundcube | source | bookworm | 1.6.5+dfsg-1+deb12u6 | | | |
| roundcube | source | trixie | 1.6.12+dfsg-0+deb13u1 | | | |
