Mailinglist Archive: opensuse-updates (71 mails)

< Previous Next >
openSUSE-SU-2015:1240-1: Security update for roundcubemail
openSUSE Security Update: Security update for roundcubemail

Announcement ID: openSUSE-SU-2015:1240-1
Rating: low
Cross-References: CVE-2015-2180 CVE-2015-2181
Affected Products:
openSUSE 13.1

An update that fixes two vulnerabilities is now available.


roundcubemail was updated to version 1.0.6 to fix many minor bugs and
three security issues.

The following vulnerabilities were fixed:

* CVE-2015-2180: security improvement in DBMail driver of password plugin
(shell execution)
* CVE-2015-2181: security improvement in DBMail driver of password plugin
(multiple buffer overflows)
* security improvement in contact photo handling

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-490=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (noarch):



< Previous Next >
This Thread
  • No further messages