[RCD] Do we need to patch old version to fix CVE-2010-0464: Disable DNS prefetching?

Albert Lee trisk at forkgnu.org
Tue Mar 2 19:22:20 CET 2010

On Sun, 28 Feb 2010 09:34:53 +0800, Zhang Huangbin
<zhbmaillistonly at gmail.com> wrote:
> Hi, all.
> I saw there's a fix in trunk:
> - Fix CVE-2010-0464: Disable DNS prefetching (#1486449)
>   http://trac.roundcube.net/changeset/3293
> Do we need to patch old versions?
> Thanks :)

If the  issue is a concern for you, please apply the patch. If you are
using a package of RoundCube provided by your OS, you may not need to as
several packagers of 0.3.1 have chosen to incorporate an earlier version of
the patch.


List info: http://lists.roundcube.net/dev/

More information about the Dev mailing list