phpMyAdmin 4.7.4 SQL injection vulnerability

  • Bekomme folgende Meldung beim update:

    server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none


    Erledigt.

    Jetzt diese Meldung:

    [Exception]

    Version check failed! kolab/calendar requires Roundcube version >= 1.4.0.0, 1.2.5.0 was detected.


    Sorry, alles gut. Hatte den Thread nicht von Beginn an gelesen. Also Step 1 Roundcube aktualisieren und dann die Plugins.

    Edited 3 times, last by Bulli ().

  • Updates 1.4.6 and 1.3.13 released

    07 June 2020


    We just published two follow-up releases to the recently published versions 1.4.5 and 1.3.12 of Roundcube Webmail.

    They contain only a single fix for the installer’s test step which was broken with the last release. The update is therefore only relevant for new installations which use the installer to set up Roundcube.

    Changelog

    • Installer: Fix regression in SMTP test section (#7417)


    rouncube 1.4.6.PNG

    my System :



    - Distribution: Debian | Release: 9.8 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.2.1), Mailgraph (v 1.1.1), OpenDKIM (v 1.1.3), PanelRedirect (v 1.1.5) & SpamAssassin (v 1.1.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 4.0.1), RoundcubePlugins (v 2.0.1)

    Edited once, last by Speddy ().

  • Security updates 1.4.7, 1.3.14 and 1.2.11 released

    05 July 2020

    We just published security updates to the stable version 1.4 and the LTS versions 1.3 and 1.2 of Roundcube Webmail. They all contain a recently reported cross-site scripting (XSS) vulnerability. The 1.4.7 release also contains a number of general improvements from our issue tracker.

    Security fix

    Prevent cross-site scripting (XSS) via HTML messages with malicious svg/namespace. Credits for this finding go to SSD Secure Disclosure.

    See the full changelogs in the release notes on the Github download pages for the updated versions 1.4.7, 1.3.14 and 1.2.11.

    We strongly recommend to update all productive installations of Roundcube with this new versions.

    Return to News overview

    Files

    my System :



    - Distribution: Debian | Release: 9.8 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.2.1), Mailgraph (v 1.1.1), OpenDKIM (v 1.1.3), PanelRedirect (v 1.1.5) & SpamAssassin (v 1.1.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 4.0.1), RoundcubePlugins (v 2.0.1)