Change logs for roundcube source package in Oracular

roundcube (1.6.7+dfsg-1) unstable; urgency=high

  * New upstream bugfix and security release (closes: #1071474):
    + Fix command injection via crafted im_convert_path/im_identify_path
      on Windows.
    + Fix cross-site scripting (XSS) vulnerability in handling list columns
      from user preferences.
    + Fix cross-site scripting (XSS) vulnerability in handling SVG animate
      attributes.
    + Fix PHP8 warnings.
  * Update Standards-Version to 4.7.0 (no changes necessary).
  * Refresh d/patches.

 -- Guilhem Moulin <email address hidden>  Sun, 19 May 2024 23:20:59 +0200

roundcube (1.6.6+dfsg-2) unstable; urgency=medium

  * d/control: Drop ‘libmagic1’ from roundcube-core's Depends.
    (Closes: #1066853)

 -- Guilhem Moulin <email address hidden>  Thu, 14 Mar 2024 19:28:50 +0100