Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 22 Roundcubemail Security Advisory: Moderate Brute Force Protection

fedora
Calendar Grey January 8, 2016
Dist Fedora Esm H88
Roundcube Webmail's improvements in security and performance address weaknesses and strengthen login protocols.
**Release 1.1.4** - Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582) - Fix duplicate messages in list and wrong count after delete (#1490572) - Fix so Installer ...

Summary

RoundCube Webmail is a browser-based multilingual IMAP client

with an application-like user interface. It provides full

functionality you expect from an e-mail client, including MIME

support, address book, folder manipulation, message searching

and spell checking. RoundCube Webmail is written in PHP and

requires a database: MySQL, PostgreSQL and SQLite are known to

work. The user interface is fully skinnable using XHTML and

CSS 2.

Update Information:

**Release 1.1.4** - Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582) - Fix duplicate messages in list and wrong count after delete (#1490572) - Fix so Installer requires PHP5 - Make brute force attacks harder by re-generating security token on every failed login (#1490549) - Slow down brute- force attacks by waiting for a second after failed login (#1490549) - Fix .htaccess rewrite rules to not block .well-known URIs (#1490615) - Fix mail view scaling on iOS (#1490551) - Fix so database_attachments::cleanup() does not remove attachments from other sessions (#1490542) - Fix responses list update issue after response name change (#1490555) - Fix bug where message preview was unintentionally reset on check-recent action (#1490563) - Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539) - Fix redundant blank lines when using HTML and top posting (#1490576) - Fix redundant blank lines on start of text after html to text convers...

Change Log

References


[ 1 ] Bug #1269164 - Logrotate configuration /etc/logrotate.d/roundcubemail is incomplete and should not contain "create" https://bugzilla.redhat.com/show_bug.cgi?id=1269164 [ 2 ] Bug #1269155 - Insecure permissions of /var/lib/roundcubemail and /var/log/roundcubemail https://bugzilla.redhat.com/show_bug.cgi?id=1269155

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update roundcubemail' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: roundcubemail
Product: Fedora 22
Version: 1.1.4
Release: 2.fc22
Summary: Round Cube Webmail is a browser-based multilingual IMAP client

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here