Debian Security Advisory 4821-1

Debian Security Advisory 4821-1: Posted Dec 28, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4821-1 - Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content.; tags | advisory, imap, xss; systems | linux, debian; advisories | CVE-2020-35730; SHA-256 | 767561724a53319077d3cdf5d57e9f5904fcd9eb4ae9dc5d7a3475c8e8af11f2; Download | Favorite | View

Debian Security Advisory 4821-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4821-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 28, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : roundcube
CVE ID         : CVE-2020-35730
Debian Bug     : 978491

Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail
solution for IMAP servers, is prone to a cross-site scripting
vulnerability in handling HTML or Plain text messages with malicious
content.

For the stable distribution (buster), this problem has been fixed in
version 1.3.16+dfsg.1-1~deb10u1.

We recommend that you upgrade your roundcube packages.

For the detailed security status of roundcube please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/roundcube

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKSBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl/p4ZVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RzFQ/0Ci4F1yoe1ztMb0dRlYuTIN6egEYkAu3MvgrMz2pbPqMC0Kqu0YMQEwjS
7pXkbfe+xIFHfiJACRdK0l70ZeevhOp36zn33uiAMaARo5xzQDIAHCXQluz1qFPn
NiEfHZ6V07t1uqIhLppCcg4T9SmucOxI1fe6uMP1/iartZoGgBwFTvJ7nf5dF0L4
VRiR19bqDLRc0e8uLIIFHLWeMNU66Zec7ASw5c2t/lF8+UcCO3Qa+QCrYV5oEyp5
iRLRtO7gbNvB5q6QCkXDfXtNiqejmB4Q9zRhqj2T8B4a0ZUOi/zZVeXZj/Kxdyvp
20z50p6FOqzslV7AbexDLSaGlc/vp5qCxLRzO1ZmS+4T0CbP0PqEfnpr/Buo/wNp
/v4TgqB2k7lKV6jRiHl5WujC3cTzrsgPpz7/+rzOccCADue7jil3TLoKdvYqyNZA
2eshvCFITw6kaeiurfopNzPvP8JdTFO47p3orEBCMN333K4YXxiii0hggVlE529e
xX0E1WsLr6s5f/e3XeC0IvQM8wSF8sQnvFLlzTwcRxllbjVcTgdz1c/zwS/rZPuC
aNfqdkSCm5oNTJDzvS+oSerSbPXke+Rziu6hU3dn6747AK/AIPGxpeHkiHeRX593
svRZVFuunQVXh+Mc3XzyZ8+oK+QSaW6de8xN+uVVnonV9DQ4MQ==
=8O2I
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

Debian Security Advisory 4821-1

Debian Security Advisory 4821-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4821-1

Share This

Debian Security Advisory 4821-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems