HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   security patch for RoundCube 0.2 Beta for ISPCOnfig 2 (http://www.howtoforge.com/forums/showthread.php?t=29597)

Hans 18th December 2008 09:15

security patch for RoundCube 0.2 Beta for ISPCOnfig 2
 
On 16-12-2008 a security patch for RoundCube 0.2 Beta came available.
There were two security issues reported for RoundCube 0.2 Beta, which are now fixed. The first was as possible code injection using the html2text conversion script. The other exploit used the unchecked size parameters of the quota image to let PHP create huge images eating up all the server memory.

If you make use of the ROundCube 0.2 Beta package for ISPConfig 2, it is strongly recommended to install this patch file.


The patch file and readme file can be downloaded here.

Norman 20th December 2008 14:21

Thanks Hans, I\ve advised my customers using the roundcube package to upgrade.

Hans 3rd January 2009 10:12

New version available
 
Now there is a new stable version available.
Please have a look here.


All times are GMT +2. The time now is 18:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.