From d4a3d5aeaecd486267f9ef640af34eae9a58bbd3 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Sat, 16 Nov 2024 22:24:26 +0100
Subject: [PATCH 1/2] Upgrade snappymail to v2.38.2

---
 towncrier/newsfragments/3648.bugfix | 1 +
 webmails/Dockerfile                 | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 towncrier/newsfragments/3648.bugfix

diff --git a/towncrier/newsfragments/3648.bugfix b/towncrier/newsfragments/3648.bugfix
new file mode 100644
index 00000000..3c412b2a
--- /dev/null
+++ b/towncrier/newsfragments/3648.bugfix
@@ -0,0 +1 @@
+Upgrade snappymail to v2.38.1 ; this is a security fix for GHSA-2rq7-79vp-ffxm (mXSS)
diff --git a/webmails/Dockerfile b/webmails/Dockerfile
index 712c5dfd..95d4a374 100644
--- a/webmails/Dockerfile
+++ b/webmails/Dockerfile
@@ -54,7 +54,7 @@ COPY roundcube/config/config.inc.carddav.php /var/www/roundcube/plugins/carddav/
 
 # snappymail
 
-ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.36.4/snappymail-2.36.4.tar.gz
+ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.38.2/snappymail-2.38.2.tar.gz
 
 RUN set -euxo pipefail \
   ; mkdir  /var/www/snappymail \

From 6f3257f3b2463e4d8de968625839d315e77861b8 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Sat, 16 Nov 2024 22:48:04 +0100
Subject: [PATCH 2/2] doh; v2.38.2

---
 towncrier/newsfragments/3648.bugfix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/towncrier/newsfragments/3648.bugfix b/towncrier/newsfragments/3648.bugfix
index 3c412b2a..95a98590 100644
--- a/towncrier/newsfragments/3648.bugfix
+++ b/towncrier/newsfragments/3648.bugfix
@@ -1 +1 @@
-Upgrade snappymail to v2.38.1 ; this is a security fix for GHSA-2rq7-79vp-ffxm (mXSS)
+Upgrade snappymail to v2.38.2 ; this is a security fix for GHSA-2rq7-79vp-ffxm (mXSS)