**Roundcube Webmail 1.2.5** This is a security update to the stable version 1.2. It primarily fixes a recently discovered vulnerability in the virtualmin and sasl drivers of the password plugin plus adds a few cherry-picked bug fixes from upstream versions. A detailed list of changes is shown below. It's considered stable and we recommend to update all productive installations of
- tail: revert to polling if a followed directory is replaced (#1283760) ---- - date, touch: fix out-of-bounds write via large TZ variable (CVE-2017-7476) ---- - do not obsolete coreutils-single, so it can be installed by DNF2 (#1444802)
This release fixes a crash when finding a Unicode property for a character with a code point greater than 0x10ffff in UTF-32 library while UTF mode is disabled and JIT mde enabled. It also fixes a buffer overlflow in pcretest tool when copying a string in UTF-32 mode.
Backport fix for https://github.com/ansible/ansible/issues/22572 ---- Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes. rst and html docs have been split out into a ansible-docs subpackage. Includes fix for CVE-2017-7466
