Site Navigation:
security roundcubemail-0.9.4-1.fc19 security update
Status:stable
Release: Fedora 19
Update ID: FEDORA-2013-16232
Builds: roundcubemail-0.9.4-1.fc19 (logs)
Pushed: True
Date Submitted: 2013-09-09 13:32:48
Date Released: 2013-09-09 22:39:58
Submitter: limb
Karma: 2
Stable karma: 3
Unstable karma: -3
Details

0.9.4, latest upstream. Require webserver rather than httpd. Two XSS flaws were fixed in roundcube 0.9.3 [1]:

  • Fix XSS vulnerability when saving HTML signatures [2],[3]
  • Fix XSS vulnerability when editing a message "as new" or draft [2],[4]

[1] http://trac.roundcube.net/wiki/Changelog#RELEASE0.9.3 [2] http://trac.roundcube.net/ticket/1489251 [3] http://trac.roundcube.net/changeset/ce5a6496fd6039962ba7424d153278e41ae8761b/github [4] http://trac.roundcube.net/changeset/93b0a30c1c8aa29d862b587b31e52bcc344b8d16/github

Bugs Fixed
1005696 - roundcubemail depends on httpd (apache)
1000511 - roundcubemail: two XSS flaws fixed in 0.9.3 [fedora-all]
1000512 - roundcubemail: two XSS flaws fixed in 0.9.3 [epel-6]
Feedback
bodhi - 2013-09-09 13:33:11
This update has been submitted for testing by limb.
bodhi - 2013-09-09 16:48:46
This update is currently being pushed to the Fedora 19 testing updates repository.
bodhi - 2013-09-09 23:58:19
This update has been pushed to testing
bradw - 2013-09-11 02:03:45
Personal LAMP and mail server running GNOME. All OK.
asrob - 2013-09-11 11:36:08
It works well.
bodhi - 2013-09-17 10:05:56
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2013-09-17 12:31:42
This update has been submitted for stable by limb.
bodhi - 2013-09-18 04:49:12
This update is currently being pushed to the Fedora 19 stable updates repository.
bodhi - 2013-09-18 13:04:52
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters