Security update for roundcubemail (important)

Update to 1.0.8 - Add workaround for https://bugs.php.net/bug.php?id=70757 1490582 - Fix HTML sanitizer to skip !-- node type X -- in output 1490583 - Fix charset encoding of message/rfc822 part bodies 1490606 - Fix handling of message/rfc822 attachments on replies and forwards 1490607 - Fix PDF...

Security update for roundcubemail (important)

This update to roundcubemail 1.1.4 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

Security update for roundcubemail (important)

This update to roundcubemail 1.0.8 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

roundcubemail: remote code execution

High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to execute arbitrary code and totally compromise the vulnerable server. The vulnerability exists du...

MGASA-2016-0016 Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.8, which fixes a path traversal issue and other bugs. See the upstream release announcement for more details...

Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.8, which fixes a path traversal issue and other bugs. See the upstream release announcement for more details...

Fedora Update for roundcubemail FEDORA-2015-6

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for roundcubemail FEDORA-2015-431

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : roundcubemail (openSUSE-2015-722)

This update of roundcubemail fixes one security issue and one bug. - roundcubemail was updated to disallow unwanted access on files in the file system. The apache2 configuration file for roundcubemail previously allowed access to the roundcubemail/bin folder and possibly /logs, /config and /temp,...

MGASA-2015-0438 Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.7, which fixes a XSS issue in drag-n-drop file uploads and other bugs. See the upstream release announcement for more details...

Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.7, which fixes a XSS issue in drag-n-drop file uploads and other bugs. See the upstream release announcement for more details...

openSUSE Security Update : roundcubemail (openSUSE-2015-699)

roundcubemail was updated to version 1.0.7 to fix two security issues. These security issues were fixed : - XSS issue in drag-n-drop file uploads - Disallow unwanted access on files in the file system. The apache2 configuration file for roundcubemail allowed access to the roundcubemail/bin folder...

Mageia: Security Advisory (MGASA-2015-0400)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated roundcubemail package fixes security vulnerabilities

Multiple security issues in the DBMail driver for the password plugin, including buffer overflows CVE-2015-2181 and the ability for a remote attacker to execute arbitrary shell commands as root CVE-2015-2180. An authenticated user can download arbitrary files from the web server that the web serv...

MGASA-2015-0400 Updated roundcubemail package fixes security vulnerabilities

Multiple security issues in the DBMail driver for the password plugin, including buffer overflows CVE-2015-2181 and the ability for a remote attacker to execute arbitrary shell commands as root CVE-2015-2180. An authenticated user can download arbitrary files from the web server that the web serv...

Fedora Update for roundcubemail FEDORA-2015-11469

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for roundcubemail FEDORA-2015-11405

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...

Fedora 21 : roundcubemail-1.1.2-1.fc21 (2015-11469)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...