Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved Roundcube Security Update 1.4.11

    Roundcube
    2
    2
    167
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • necrevistonnezr
      necrevistonnezr last edited by

      https://github.com/roundcube/roundcubemail/releases/tag/1.4.11

      Security fix

      Fix cross-site scripting (XSS) via HTML messages with malicious CSS content
      Credits for this finding go to Mateusz Szymaniec (CERT Polska).

      This version is considered stable and we recommend to update all productive installations of Roundcube with it.
      Please do backup your data before updating!

      CHANGELOG

      • Display a nice error informing about no PHP8 support
      • Elastic: Fix compatibility with Less v3 and v4 (#7813)
      • Fix bug with managesieve_domains in Settings > Forwarding form (#7849)
      • Fix errors in MSSQL database update scripts (#7853)
      • Security: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content
      1 Reply Last reply Reply Quote 1
      • girish
        girish Staff last edited by

        Thanks for the heads up, pushed an update now. Updated PHP to 7.4 in the process.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Powered by NodeBB