FEDORA-2016-b4896f20b3

security update in Fedora 23 for roundcubemail

Status: stable 2 years ago

Version 1.2.3

  • Searching in both contacts and groups when LDAP addressbook with group_filters option is used
  • Fix vulnerability in handling of mail()'s 5th argument
  • Fix To: header encoding in mail sent with mail() method (#5475)
  • Fix flickering of header topline in min-mode (#5426)
  • Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447)
  • Fix decoding of GB2312/GBK text when iconv is not installed (#5448)
  • Fix regression where creation of default folders wasn't functioning without prefix (#5460)
  • Enigma: Fix bug where last records on keys list were hidden (#5461)
  • Enigma: Fix key search with keyword containing non-ascii characters (#5459)
  • Fix bug where deleting folders with subfolders could fail in some cases (#5466)
  • Fix bug where IMAP password could be exposed via error message (#5472)
  • Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc, Added memcache_max_allowed_packet and apc_max_allowed_packet settings (#5452)
  • Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 (#5508)
  • Fix storing "empty" values in rcube_cache/rcube_cache_shared (#5519)
  • Fix missing content check when image resize fails on attachment thumbnail generation (#5485)
  • Fix displaying attached images with wrong Content-Type specified (#5527)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-b4896f20b3

Comments 6

This update has been submitted for testing by remi.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

remi edited this update.

This update has been submitted for stable by remi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1403177 CVE-2016-9920 roundcubemail: Code execution via mail()
#1403178 CVE-2016-9920 roundcubemail: Code execution via mail() [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago
modified 2 years ago

Related Bugs 2

00 #1403177 CVE-2016-9920 roundcubemail: Code execution via mail()
00 #1403178 CVE-2016-9920 roundcubemail: Code execution via mail() [fedora-all]

Automated Test Results