Topic: Security: Patch to fix roundcube 0.1.1 security issues
Here's patch to fix roundcubemail-0.1.1-stable security issues.
All users use iRedMail-0.3.2/0.3.1/0.2/0.1 should apply this patch as soon as possible:
- Backup current web files (we assume you backup to /opt/backup/):
# cp -rfvp /var/www/roundcubemail-0.1.1/ /opt/backup/
- Download attached patch, copy it to /root/ directory, then patch it:
# cd /var/www/roundcubemail-0.1.1/ # patch -p0 < /root/roundcubemail-CVE-2008-5619.patch
Related resource links:
- Break-in possiblity via html2text.php?
- Security update for 0.2-beta
http://lists.roundcube.net/mail-archive … 00039.html
Note: patch comes from Fedora EPEL repository, thanks wumingzhang for his remind:
http://download.fedora.redhat.com/pub/e … l5.src.rpm
- Urgent issue? Pay iRedMail developer to solve it remotely at $39.