Overview
Request 1191897 accepted
- update to 1.5.8
This is a security update to the stable version 1.5 of Roundcube Webmail.
It provides fixes to recently reported security vulnerabilities:
* Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] [bsc#1228900]
* Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
* Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] [bsc#1228901]
- update to 1.5.7
- Created by aeneas_jaissle
- In state accepted
Request History
aeneas_jaissle created request
- update to 1.5.8
This is a security update to the stable version 1.5 of Roundcube Webmail.
It provides fixes to recently reported security vulnerabilities:
* Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] [bsc#1228900]
* Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
* Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] [bsc#1228901]
- update to 1.5.7
aeneas_jaissle accepted request
