Comment 1 for bug 1256293

Following https://wiki.ubuntu.com/SyncRequestProcess#Content_of_a_sync_request

Changelog entries since 0.9.2-2:
roundcube (0.9.4-1.1) unstable; urgency=high

  * Non-maintainer upload.
  * Add CVE-2013-6172.patch patch.
    CVE-2013-6172: An attacker can overwrite configuration settings using
    user preferences. This can result in random file access and manipulated
    SQL queries. (Closes: #727668)

 -- Salvatore Bonaccorso <email address hidden> Sat, 26 Oct 2013 21:47:22 +0200

roundcube (0.9.4-1) unstable; urgency=low

  * New upstream version.
     + Fix CVE-2013-5645 (Closes: #721592)
     + "Enigma" plugin has been removed.

 -- Vincent Bernat <email address hidden> Sun, 08 Sep 2013 13:52:46 +0200