Fedora Linux 8816 Published by

A roundcubemail security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: roundcubemail-1.5.2-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-d7347d9432
2022-01-12 01:22:50.089534
--------------------------------------------------------------------------------

Name : roundcubemail
Product : Fedora 35
Version : 1.5.2
Release : 1.fc35
URL :   http://www.roundcube.net
Summary : Round Cube Webmail is a browser-based multilingual IMAP client
Description :
RoundCube Webmail is a browser-based multilingual IMAP client
with an application-like user interface. It provides full
functionality you expect from an e-mail client, including MIME
support, address book, folder manipulation, message searching
and spell checking. RoundCube Webmail is written in PHP and
requires a database: MySQL, PostgreSQL and SQLite are known to
work. The user interface is fully skinnable using XHTML and
CSS 2.

--------------------------------------------------------------------------------
Update Information:

This is the second service release to update the new stable version 1.5. It
provides a bunch of small fixes and improvements to the OAuth feature as well as
a security fix to a recently reported XSS vulnerability. See the full changelog
in the [release
notes](  https://github.com/roundcube/roundcubemail/releases/tag/1.5.2) on the
Github download page. **Security fix** * Cross-site scripting (XSS) via
HTML messages with malicious CSS content This release is considered stable and
we recommend to update all productive installations of Roundcube with this
version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 30 2021 Remi Collet - 1.5.2-1
- update to 1.5.2
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-d7347d9432' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________