Update Roundcube to protect against CVE-2017-16651

See https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10. merges #1287
2026-03-27 19:37:22 +01:00 · 2017-11-15 17:55:51 +02:00
parent 544f155948
commit 2bbbc9dfa3
2 changed files with 8 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ CHANGELOG
 In Development
 --------------

+This update is a security update addressing [CVE-2017-16651, a vulnerability in Roundcube webmail that allows logged-in users to access files on the local filesystem](https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10).
+
+Mail:
+
+* Update to Roundcube 1.3.3.
+
 Control Panel:

 * Fix DNS validation to allow wildcard custom DNS entries to be set.