From 570c98ffc3dc556c585fe39b3ce2c3bf254eb068 Mon Sep 17 00:00:00 2001
From: ctrl-i <1422608+ctrl-i@users.noreply.github.com>
Date: Mon, 6 Nov 2023 07:55:23 +0000
Subject: [PATCH 1/3] Upgrade to roundcube 1.6.5 (fix XSS)

(cherry picked from commit b74cd17bdd3d8e70fc3b8514eca32d39eca845c9)
---
 towncrier/newsfragments/3024.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 towncrier/newsfragments/3024.misc

diff --git a/towncrier/newsfragments/3024.misc b/towncrier/newsfragments/3024.misc
new file mode 100644
index 00000000..c5f34547
--- /dev/null
+++ b/towncrier/newsfragments/3024.misc
@@ -0,0 +1 @@
+Upgrade to roundcube 1.6.5 (fix XSS)

From 8d0fc90fe81157adaa76e40bde63619dc0eb21e1 Mon Sep 17 00:00:00 2001
From: ctrl-i <1422608+ctrl-i@users.noreply.github.com>
Date: Mon, 6 Nov 2023 07:56:13 +0000
Subject: [PATCH 2/3] Update Dockerfile

(cherry picked from commit 3a3f6d06944f5062bafa184cf156a8b90e4741a2)
---
 webmails/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webmails/Dockerfile b/webmails/Dockerfile
index 51e0a98c..09fbd8ee 100644
--- a/webmails/Dockerfile
+++ b/webmails/Dockerfile
@@ -27,7 +27,7 @@ RUN set -euxo pipefail \
   ; mkdir -p /run/nginx /conf
 
 # roundcube
-ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.4/roundcubemail-1.6.4-complete.tar.gz
+ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.5/roundcubemail-1.6.5-complete.tar.gz
 ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v5.1.0/carddav-v5.1.0.tar.gz
 
 RUN set -euxo pipefail \

From 9afe2938bbeef8b5bd921339a6dc59ab69ff38d6 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Tue, 17 Oct 2023 14:05:08 +0200
Subject: [PATCH 3/3] log.critical() where useful

---
 core/admin/start.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/admin/start.py b/core/admin/start.py
index 1d30ca2c..ccc2e1ca 100755
--- a/core/admin/start.py
+++ b/core/admin/start.py
@@ -29,7 +29,7 @@ def test_unsupported():
     import codecs
     if os.path.isfile(codecs.decode('/.qbpxrerai', 'rot13')) or os.environ.get(codecs.decode('V_XABJ_ZL_FRGHC_QBRFAG_SVG_ERDHVERZRAGF_NAQ_JBAG_SVYR_VFFHRF_JVGUBHG_CNGPURF', 'rot13'), None) or os.environ.get(codecs.decode('ZNVYH_URYZ_PUNEG', 'rot13'), None):
         return
-    print('Your system is not supported. Please start by reading the documentation and then http://www.catb.org/~esr/faqs/smart-questions.html')
+    log.critical('Your system is not supported. Please start by reading the documentation and then http://www.catb.org/~esr/faqs/smart-questions.html')
     while True:
         time.sleep(5)