Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 22.04: 2023-4bde48f8b3 Critical: Nextcloud Security Update

fedora
Calendar Grey November 3, 2023
Dist Fedora Esm H88
Uncover the latest Fedora 39 security patch for RoundCube, which mitigates a significant XSS vulnerability in its webmail framework.
**Version 1.6.4** - Fix PHP8 warnings (#9142, #9160) - Fix default 'mime.types' path on Windows (#9113) - Managesieve: Fix javascript error when relational or spamtest extension is...

Summary

RoundCube Webmail is a browser-based multilingual IMAP client

with an application-like user interface. It provides full

functionality you expect from an e-mail client, including MIME

support, address book, folder manipulation, message searching

and spell checking. RoundCube Webmail is written in PHP and

requires a database: MySQL, PostgreSQL and SQLite are known to

work. The user interface is fully skinnable using XHTML and

CSS 2.

Update Information:

**Version 1.6.4** - Fix PHP8 warnings (#9142, #9160) - Fix default 'mime.types' path on Windows (#9113) - Managesieve: Fix javascript error when relational or spamtest extension is not enabled (#9139) - Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)

Topics%20covered

Topics Covered

security advisory moderate roundcubemail xss flaw fedora 39

Change Log

* Mon Oct 16 2023 Remi Collet - 1.6.4-1 - update to 1.6.4

References


[ 1 ] Bug #2244535 - CVE-2023-5631 roundcube: cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages https://bugzilla.redhat.com/show_bug.cgi?id=2244535

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-735ee6d4e1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: roundcubemail
Product: Fedora 39
Version: 1.6.4
Release: 1.fc39
URL: https://roundcube.net/
Summary: Round Cube Webmail is a browser-based multilingual IMAP client

Topics%20covered

Topics Covered

security advisory moderate roundcubemail xss flaw fedora 39

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here