stable

roundcubemail-1.4.12-1.fc34

FEDORA-2021-167865df98 created by remi 2 years ago for Fedora 34

Version 1.4.12

  • Enigma: Fix bug where signature verification could fail for non-ascii bodies (#7919)
  • Fix bug where contacts search didn't work with addressbook_search_mods set to an empty array (#7974)
  • Fix bug causing some HTML message content to be not centered in Elastic skin (#7911)
  • Fix bug where consecutive LDAP searches could return wrong results (#8064)
  • Fix bug where plus characters in attachment filename could have been ignored (#8074)
  • Fix displaying HTML body with inline images encapsulated using TNEF format (winmail.dat)
  • Fix handling of custom sender addresses with names (#8106)
  • Fix shift + drag'n'drop menu not working in Elastic skin with Chrome browser (#8107)
  • Fix Firefox infinite loading display on mail screen (#8128)
  • Fix XSS issue in handling attachment filename extension in mimetype mismatch warning (#8193)
  • Fix SQL injection via some session variables

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2021-167865df98

This update has been submitted for testing by remi.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago

remi edited this update.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#2025032 CVE-2021-44025 roundcubemail: XSS in handling an attachment's filename extension
0
0
BZ#2025033 CVE-2021-44025 roundcubemail: XSS in handling an attachment's filename extension [fedora-all]
0
0
BZ#2025037 CVE-2021-44026 roundcubemail: potential SQL injection via search or search_params.
0
0
BZ#2025038 CVE-2021-44026 roundcubemail: potential SQL injection via search or search_params. [fedora-all]
0
0

Automated Test Results