Updated roundcubemail packages fix security vulnerability
Publication date: 11 Jun 2025Modification date: 11 Jun 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-49113
Description
A Post-Auth RCE was announced and fixed in the latest release.
References
- https://bugs.mageia.org/show_bug.cgi?id=34341
- https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
- https://www.openwall.com/lists/oss-security/2025/06/02/1
- https://www.openwall.com/lists/oss-security/2025/06/02/3
- https://lists.debian.org/debian-security-announce/2025/msg00098.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49113
SRPMS
9/core
- roundcubemail-1.6.11-2.mga9