On 03/28/2013 09:54 AM, Vladislav Bogdanov wrote: >> Patch for 0.6: http://ow.ly/jtQNd > > Are previous versions affected? > > Looking at my 0.4 installation, save_prefs is implemented absolutely > differently, there are lists of prefs for each section, and they are > cherry-picked from a what client sends.
0.4 is vulnerable too, you're looking in a wrong place. The issue is in steps/utils/save_pref.inc. We don't support such very old releases. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl _______________________________________________ Roundcube Development discussion mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/dev
