Update Info

openSUSE-2023-345


Security update for roundcubemail


Type: security
Severity: important
Issued: 2023-11-02
Description:
This update for roundcubemail fixes the following issues:

Update to version 1.6.4 (boo#1216429):

* CVE-2023-5631: Fix cross-site scripting vulnerability in handling of SVG in HTML messages 
* Fix PHP8 warnings
* Fix default 'mime.types' path on Windows
* Managesieve: Fix javascript error when relational or spamtest extension is not enabled


              

Packages


  • roundcubemail-1.6.4-bp155.2.6.1