-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2015-7327 2015-07-27 21:19:16 --------------------------------------------------------------------------------
Name : roundcubemail Product : Fedora EPEL 6 Version : 1.0.6 Release : 1.el6 URL : http://www.roundcube.net Summary : Round Cube Webmail is a browser-based multilingual IMAP client Description : RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in PHP and requires a database: MySQL, PostgreSQL and SQLite are known to work. The user interface is fully skinnable using XHTML and CSS 2.
-------------------------------------------------------------------------------- Update Information:
Roundcube Webmail 1.0.6 =======================
* Make SMTP error log more verbose - include server response and error code * Fix rows count when messages search fails * Fix security issue in DBMail driver of password plugin * Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] * Fix missing or not up-to-date CATEGORIES entry in vCard export * Fix duplicate entry on timezones list in rcube_config::timezone_name_from_abbr() * Fix handling of %-encoded entities in mailto: URLs * Fix bug where messages count was not updated after message move/delete with skip_deleted=false * Fix security issue in contact photo handling * Fix bug where database_attachments_cache setting was not working * Fix attached file path unsetting in database_attachments plugin * Fix issues when using moduserprefs.sh without --user argument
Downstream Changes ==================
* Remove "su" option from logrotate configuration file (requires logrotate >= 3.8.0) to avoid daily logrotate errors with RHEL 6.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1241056 - CVE-2015-5381 CVE-2015-5382 CVE-2015-5383 roundcubemail: vulnerabilities fixed in 1.1.2 and 1.0.6 https://bugzilla.redhat.com/show_bug.cgi?id=1241056 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update roundcubemail' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org