Advisories » MGASA-2020-0301

Updated roundcubemail packages fix security vulnerability

Publication date: 31 Jul 2020
Modification date: 31 Jul 2020
Type: security
Affected Mageia releases : 7

Description

This update fixes a recently reported cross-site scripting (XSS)
vulnerability via HTML messages with malicious svg/namespace.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26905
• https://github.com/roundcube/roundcubemail/releases/tag/1.3.14

SRPMS

7/core

• roundcubemail-1.3.14-1.mga7