[Pkg-roundcube-maintainers] Bug#776700: roundcube: Cross-site scripting vulnerability fixed in 1.0.5
Henri Salo
henri at nerv.fi
Sat Jan 31 12:50:06 UTC 2015
Package: roundcube
Version: 0.9.5+dfsg1-4.1
Severity: important
Tags: security, fixed-upstream, upstream
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
Please update Debian packages, thanks.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3
If you need any help with this case feel free to contact me.
--
Henri Salo
More information about the Pkg-roundcube-maintainers
mailing list