Updated roundcubemail packages fix security vulnerability

2022-01-2801:26:20

Gentoo Foundation

advisories.mageia.org

0.004 Low

EPSS

Percentile

74.7%

JSON

XSS in handling an attachment’s filename extension when displaying a MIME type warning message (CVE-2021-44025). Potential SQL injection via search or search_params (CVE-2021-44026).

OSVersionArchitecturePackageVersionFilename
Mageia8noarchroundcubemail< 1.5.2-1roundcubemail-1.5.2-1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	roundcubemail	< 1.5.2-1	roundcubemail-1.5.2-1.mga8

References

bugs.mageia.org/show_bug.cgi?id=29695

lists.fedoraproject.org/archives/list/[email protected]/thread/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/

lists.fedoraproject.org/archives/list/[email protected]/thread/TPIGI7LQQIBILELWRDTJL5ZU3EZBYSYM/

0.004 Low

EPSS

Percentile

74.7%

JSON

Related for MGASA-2022-0039