[Svn] [roundcube/roundcubemail] cdeb62: Fix possible IMAP command injection vulnerability ...

GitHub noreply at github.com
Tue Apr 17 13:46:59 CEST 2018


  Branch: refs/heads/release-1.2
  Home:   https://github.com/roundcube/roundcubemail
  Commit: cdeb6234a2e029c499898c3432fdf5b2cf093640
      https://github.com/roundcube/roundcubemail/commit/cdeb6234a2e029c499898c3432fdf5b2cf093640
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2018-04-17 (Tue, 17 Apr 2018)

  Changed paths:
    M CHANGELOG
    M program/lib/Roundcube/rcube_imap_generic.php

  Log Message:
  -----------
  Fix possible IMAP command injection vulnerability (#6229)

[CVE-2018-9846]


  Commit: 5b7e9a2c960eb4fd2364921297020a5dcd2d7dbc
      https://github.com/roundcube/roundcubemail/commit/5b7e9a2c960eb4fd2364921297020a5dcd2d7dbc
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2018-04-17 (Tue, 17 Apr 2018)

  Changed paths:
    M CHANGELOG
    M plugins/archive/archive.php
    M plugins/managesieve/managesieve.php
    M plugins/markasjunk/markasjunk.php

  Log Message:
  -----------
  Fix check_request() bypass in places using get_uids() (#6238)

[CVE-2018-9846]


Compare: https://github.com/roundcube/roundcubemail/compare/8e7c2f61a313...5b7e9a2c960e


More information about the svn mailing list