[Svn] [roundcube/roundcubemail] 498ff0: Fix possible IMAP command injection vulnerability ...

GitHub noreply at github.com
Tue Apr 17 21:45:34 CEST 2018


  Branch: refs/heads/release-1.1
  Home:   https://github.com/roundcube/roundcubemail
  Commit: 498ff0a28380b9c35133c1bdc9120909eb776b91
      https://github.com/roundcube/roundcubemail/commit/498ff0a28380b9c35133c1bdc9120909eb776b91
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2018-04-17 (Tue, 17 Apr 2018)

  Changed paths:
    M CHANGELOG
    M program/lib/Roundcube/rcube_imap_generic.php

  Log Message:
  -----------
  Fix possible IMAP command injection vulnerability (#6229)

[CVE-2018-9846]


  Commit: aaafe8f9177d29c94fe1c68cc2e19de6d5e50bd8
      https://github.com/roundcube/roundcubemail/commit/aaafe8f9177d29c94fe1c68cc2e19de6d5e50bd8
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2018-04-17 (Tue, 17 Apr 2018)

  Changed paths:
    M CHANGELOG
    M plugins/archive/archive.php
    M plugins/managesieve/managesieve.php
    M plugins/markasjunk/markasjunk.php

  Log Message:
  -----------
  Fix check_request() bypass in plugins using get_uids() (#6238)

[CVE-2018-9846]


  Commit: d4475e58db203331eafbb9d15fad317553e59fb4
      https://github.com/roundcube/roundcubemail/commit/d4475e58db203331eafbb9d15fad317553e59fb4
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2018-04-17 (Tue, 17 Apr 2018)

  Changed paths:
    M CHANGELOG
    M index.php
    M installer/index.php
    M program/include/iniset.php
    M program/lib/Roundcube/bootstrap.php

  Log Message:
  -----------
  Bump version to 1.1.11


Compare: https://github.com/roundcube/roundcubemail/compare/5d889cca13fb...d4475e58db20


More information about the svn mailing list