phpMyAdmin 4.7.4 SQL injection vulnerability

  • 29 Oct 2020

    PHP 7.4.12 Released!

    The PHP development team announces the immediate availability of PHP 7.4.12. This is a bug fix release.

    All PHP 7.4 users are encouraged to upgrade to this version.

    For source downloads of PHP 7.4.12 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

    29 Oct 2020

    PHP 8.0.0 Release Candidate 3 available for testing

    The PHP team is pleased to announce the tenth testing release of PHP 8.0.0, Release Candidate 3.

    At this time, we're not planning to adjust the GA date, however this may change during the course of the RC cycle. The updated release schedule can, as always, be found on the PHP Wiki page about the PHP 8.0.

    For source downloads of PHP 8.0.0 Release Candidate 3 please visit the download page.

    Please carefully test this version and report any issues found in the bug reporting system.

    Please DO NOT use this version in production, it is an early test version.

    For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. These files can also be found in the release archive.

    The next release will be the Release Candidate 4, planned for Nov 12 2020.

    The signatures for the release can be found in the manifest or on the QA site.

    Thank you for helping us make PHP better.

    29 Oct 2020

    PHP 7.3.24 Released!

    The PHP development team announces the immediate availability of PHP 7.3.24. This is a bug fix release.

    All PHP 7.3 users are encouraged to upgrade to this version.

    For source downloads of PHP 7.3.24 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

    my System :

    - Distribution: Debian | Release: 9.13 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.3.0), Mailgraph (v 1.1.1), OpenDKIM (v 2.0.0), SpamAssassin (v 2.0.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 5.0.5), RoundcubePlugins (v 2.0.2)YubiKeyAuth 1.1.0

  • Security updates 1.4.10, 1.3.16 and 1.2.13 released

    27 December 2020

    We just published security updates to the stable version 1.4 and the LTS versions 1.3 and 1.2 of Roundcube Webmail. They all contain fixes to a recently reported stored XSS vulnerability. The 1.4.10 release also contains a few general improvements from our issue tracker.

    Security fix

    • Stored cross-site scripting (XSS) via HTML or plain text messages with malicious content

    Credits for this finding go to Alex Birnberg.

    See the full changelogs in the release notes on the Github download pages for the updated versions 1.4.10, 1.3.16 and 1.2.13.

    We strongly recommend to update all productive installations of Roundcube with these new versions.


    Unbenannt.PNG

    my System :

    - Distribution: Debian | Release: 9.13 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.3.0), Mailgraph (v 1.1.1), OpenDKIM (v 2.0.0), SpamAssassin (v 2.0.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 5.0.5), RoundcubePlugins (v 2.0.2)YubiKeyAuth 1.1.0

  • Security update 1.4.11


    08 February 2021

    We just published a service and security update to the stable version 1.4 of Roundcube Webmail. It provides a fix for a recently reported stored XSS vulnerability as well a some general improvements from our issue tracker.

    Security fix

    • Fix cross-site scripting (XSS) via HTML messages with malicious CSS content

    Credits for this finding go to Mateusz Szymaniec (CERT Polska).

    See the full changelog in the release notes on the Github download page.

    This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net.

    Please do backup your data before updating!

    my System :

    - Distribution: Debian | Release: 9.13 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.3.0), Mailgraph (v 1.1.1), OpenDKIM (v 2.0.0), SpamAssassin (v 2.0.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 5.0.5), RoundcubePlugins (v 2.0.2)YubiKeyAuth 1.1.0

  • phpMyAdmin 5.1.0-rc2

    Released 2021-02-10.

    my System :

    - Distribution: Debian | Release: 9.13 | Codename: wheezy
    - i-MSCP Version: i-MSCP 1.5.3| Build: 20181208 | Codename: Ennio Morricone
    - Plugins installed: ClamAV (v. 1.3.0), Mailgraph (v 1.1.1), OpenDKIM (v 2.0.0), SpamAssassin (v 2.0.1)
    - LetsEncrypt (v3.3.0), PhpSwitcher (v 5.0.5), RoundcubePlugins (v 2.0.2)YubiKeyAuth 1.1.0