Headline
Debian Security Advisory 5743-2
Debian Linux Security Advisory 5743-2 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Debian Security Advisory DSA-5743-2 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
August 13, 2024 https://www.debian.org/security/faq
Package : roundcube
CVE ID : CVE-2024-42008 CVE-2024-42009 CVE-2024-42010
Multiple cross-site scripting vulnerabilities were discovered in
RoundCube webmail.
For the oldstable distribution (bullseye), these problems have been fixed in
version 1.4.15+dfsg.1-1+deb11u4.
For the stable distribution (bookworm), these problems have already been
addressed in DSA-5743-1. The initial fixes introduced a regression in
print previews, which has now been addressed in 1.6.5+dfsg-1+deb12u4.
We recommend that you upgrade your roundcube packages.
For the detailed security status of roundcube please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/roundcube
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma7AK0ACgkQEMKTtsN8
TjaCLhAAj9ooFCqkks/zX1SUM0VpGOKCUwkUiAotKggBJnAOhCAeLJ++YXJeFpTx
h8Muye2jgC1BjpmA0HsdjtHDUOEWL73n2eG3obHEQG+WytJISfz7LyoFxJPBDZUA
bKs0+MMg8wA8VJJWZ8PIoYm4DaTjgVkiaCQQxJhRfZw/LNGFYN9Y9yEL2XrncR8I
fZoug/Iyl4+qC8zr2iYWHFs2TMZXMbYNLFRDY06J5XYFuQ0QPa7KbkN8UvXRNeK4
DOTrkQKeauJHmWl9gfJ9U8w+TYo8mYwU38NoEm/1x0lhqMk/A9KMyROJPuZmCD+R
QWMzULFdqLduvp+iMr0MSGeLnvzuX6AXME8K7JnMiELOmXWCVNAlTNFnmKBftUOZ
mh8MKlNkaGyNO2G9PGIeCNURGwI8NIN0UABZN9h289mn0QM195MuLZN/OZtUBH2s
FU9VAXg2Lw/WKaVj9gndSAv3aN68YN8efuXeTVnPTQaSdHsnBR0fT0yqZd1BWMFy
mq6oYxZGXfRgkb6/KwB/oY3dutXxtUj0GKdC7cQIG2oMyEcFN3Q5yG8oPHZHzgwJ
UYWwA46Jwhy1kRcYmukL+dGtwWsSM7yW6zjV8ifMxJ4zGMJjmMkPSWdKzG/otn7K
oVu/AMHnfCRY/RmXbg1uyuCmjamDZce1fPlDTuvHW+m0AHGvYqU=
=Y9uW
-----END PGP SIGNATURE-----
Related news
Debian Linux Security Advisory 5743-1 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
Debian Linux Security Advisory 5743-1 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
Debian Linux Security Advisory 5743-1 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's