Mageia 2024-0193: roundcubemail Security Advisory Updates
Summary
This is a security update to the stable version 1.6 of Roundcube Webmail. Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes. Reported by Valentin T. and Lutz Wolf of CrowdStrike.
References
- https://bugs.mageia.org/show_bug.cgi?id=33229
- https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
Resolution
MGASA-2024-0193 - Updated roundcubemail packages fix security vulnerabilities
SRPMS
- 9/core/roundcubemail-1.6.7-1.mga9