On 03/27/2013 06:02 PM, Thomas Bruederli wrote: > After getting reports about a possible vulnerability of Roundcube > which allows an attacker to modify its users preferences in a way that > he/she can then read files from the server, we now published updated > packages as well as patches that fix this security issue. > > Please update all your Roundcube installations with the new versions > (0.9-rc2, 0.8.6, 0.7.4) or patch them with the published patches.
Thanks for this work. I don't yet see the tags for these releases in the git repo at https://github.com/roundcube/roundcubemail maybe someone needs to "git push --tags" ? If it would be possible to sign the tags when creating them, that would be very much appreciated :) Thanks for roundcube! --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Roundcube Development discussion mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/dev
