stable

roundcubemail-1.4.12-1.fc33

FEDORA-2021-43d3c10590 created by remi 3 years ago for Fedora 33

Version 1.4.12

  • Enigma: Fix bug where signature verification could fail for non-ascii bodies (#7919)
  • Fix bug where contacts search didn't work with addressbook_search_mods set to an empty array (#7974)
  • Fix bug causing some HTML message content to be not centered in Elastic skin (#7911)
  • Fix bug where consecutive LDAP searches could return wrong results (#8064)
  • Fix bug where plus characters in attachment filename could have been ignored (#8074)
  • Fix displaying HTML body with inline images encapsulated using TNEF format (winmail.dat)
  • Fix handling of custom sender addresses with names (#8106)
  • Fix shift + drag'n'drop menu not working in Elastic skin with Chrome browser (#8107)
  • Fix Firefox infinite loading display on mail screen (#8128)
  • Fix XSS issue in handling attachment filename extension in mimetype mismatch warning (#8193)
  • Fix SQL injection via some session variables

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2021-43d3c10590

This update has been submitted for testing by remi.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago

This update has been pushed to testing.

3 years ago

remi edited this update.

3 years ago

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
Builds
1
roundcubemail-1.4.12-1.fc33
BZ#2025032 CVE-2021-44025 roundcubemail: XSS in handling an attachment's filename extension
0
0
BZ#2025033 CVE-2021-44025 roundcubemail: XSS in handling an attachment's filename extension [fedora-all]
0
0
BZ#2025037 CVE-2021-44026 roundcubemail: potential SQL injection via search or search_params.
0
0
BZ#2025038 CVE-2021-44026 roundcubemail: potential SQL injection via search or search_params. [fedora-all]
0
0
roundcubemail-1.4.12-1.fc33

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-179-6s77x.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy