[BlueOnyx:27304] Re: Roundcube question
Greg Kuhnert
gkuhnert at compassnetworks.com.au
Wed Oct 30 13:53:53 -05 2024
The store has available Roundcube 1.6.9 in the store, which is available for all platforms, including 5208R - However, there may also be PHP and/or mysql upgrades required. It’s really time to upgrade beyond 5208 to be honest.
Greg.
> On 31 Oct 2024, at 2:23 am, Darren Shea via Blueonyx <blueonyx at mail.blueonyx.it> wrote:
>
> CISA just announced there is a Roundcube exploit which can be exploited:
> "Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG
> animate attributes."
>
> https://www.cve.org/CVERecord?id=CVE-2024-37383
>
> Our ancient BO 5208R system is running Roundcube 1.02 from the BO store
> (Solarspeed) - is there a safe way to update that to a newer version without
> breaking the webmail capabilities?
>
> Thanks,
> Darren
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20241031/7d1da971/attachment.html>
More information about the Blueonyx
mailing list