| Revision Date: | 2021-07-02 | Version: | 1 |
| Title: | Security update for roundcubemail (Important) |
| Description: |
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707) - CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706) - CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
This update was imported from the openSUSE:Leap:15.2:Update update project.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1180399
1187706
1187707
CVE-2020-18670
CVE-2020-18671
CVE-2020-35730
openSUSE-SU-2021:0959-1
|
| Platform(s): | SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND roundcubemail-1.3.16-bp152.4.10.1 is installed
|