URGENT: Roundcube security updates 1.3.3, 1.2.7 and 1.1.10 released
115 views
Skip to first unread message
Zhang Huangbin
Nov 8, 2017, 7:57:30 PM11/8/17
to ired...@googlegroups.com
Dear all,
Roundcube team "just published updates to all stable versions from 1.1.x onwards
delivering fixes for a recently discovered file disclosure vulnerability in Roundcube
Webmail.”
"Apparently this zero-day exploit is already being used by hackers to
read Roundcube’s configuration files. It requires a valid username/password
as the exploit only works with a valid session.”
For more details, please read full announcement below:
http://lists.roundcube.net/pipermail/users/2017-November/011736.html
Please upgrade your Roundcube installation as soon as possible.
----
Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/
Time zone: GMT+8 (China/Beijing).
Available on Telegram: https://t.me/iredmail
Roundcube team "just published updates to all stable versions from 1.1.x onwards
delivering fixes for a recently discovered file disclosure vulnerability in Roundcube
Webmail.”
"Apparently this zero-day exploit is already being used by hackers to
read Roundcube’s configuration files. It requires a valid username/password
as the exploit only works with a valid session.”
For more details, please read full announcement below:
http://lists.roundcube.net/pipermail/users/2017-November/011736.html
Please upgrade your Roundcube installation as soon as possible.
----
Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/
Time zone: GMT+8 (China/Beijing).
Available on Telegram: https://t.me/iredmail
Reply all
Reply to author
Forward
0 new messages