FEDORA-2024-680b8ba54e — security update for roundcubemail

stable

roundcubemail-1.6.7-1.fc40

FEDORA-2024-680b8ba54e created by remi 10 months ago for Fedora 40

Release 1.6.7

Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313)
Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312)
Fix bug in collapsing/expanding folders with some special characters in names (#9324)
Fix PHP8 warnings (#9363, #9365, #9429)
Fix missing field labels in CSV import, for some locales (#9393)
Fix command injection via crafted im_convert_path/im_identify_path on Windows
Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-680b8ba54e

This update has been submitted for testing by remi.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

10 months ago

in testing

10 months ago

in stable

10 months ago

approved

10 months ago

Builds

roundcubemail-1.6.7-1.fc40

BZ#2281597 roundcubemail: fix for several security vulnerabilities

BZ#2281598 roundcubemail: fix for several security vulnerabilities [fedora-all]

roundcubemail-1.6.7-1.fc40

Automated Test Results

ignored