FEDORA-EPEL-2017-227eb8f562

security update in Fedora EPEL 7 for roundcubemail

Status: testing 6 days ago

Upstream announcement for Version 1.1.10

This is a security update to the stable version 1.1. It fixes a recently discovered file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default. More details will be published under CVE-2017-16651.

We strongly recommend to update all productive installations of Roundcube 1.1.x. Please do backup your data before updating!

Changelog

  • Fix file disclosure vulnerability caused by insufficient input validation CVE-2017-16651 (#6026)

Comments 2

This update has been submitted for testing by remi.

This update has been pushed to testing.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
Is the update generally functional?
Content Type
RPM
Status
testing
Submitted by
Update Type
security
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 8 days ago
in testing 6 days ago
days to stable 8

Automated Test Results