stable

roundcubemail-1.6.5-1.fc37

FEDORA-2023-70578c5599 created by remi 11 months ago for Fedora 37

Release 1.6.5

  • Fix PHP8 fatal error when parsing a malformed BODYSTRUCTURE (#9171)
  • Fix duplicated Inbox folder on IMAP servers that do not use Inbox folder with all capital letters (#9166)
  • Fix PHP warnings (#9174)
  • Fix UI issue when dealing with an invalid managesieve_default_headers value (#9175)
  • Fix bug where images attached to application/smil messages weren't displayed (#8870)
  • Fix PHP string replacement error in utils/error.php (#9185)
  • Fix regression where smtp_user did not allow pre/post strings before/after %u placeholder (#9162)
  • Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-70578c5599

This update has been submitted for testing by remi.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

remi edited this update.

11 months ago

This update has been pushed to testing.

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
11 months ago
in testing
11 months ago
in stable
11 months ago
modified
11 months ago
approved
11 months ago
BZ#2248088 CVE-2023-47272 roundcubemail: allows XSS via a Content-Type or Content-Disposition header
0
0
BZ#2248089 CVE-2023-47272 roundcubemail: allows XSS via a Content-Type or Content-Disposition header [fedora-all]
0
0

Automated Test Results