========================================================================== Ubuntu Security Notice USN-7200-1 January 13, 2025
roundcube vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Roundcube could be made to expose sensitive information. Software Description:- roundcube: skinnable AJAX based webmail solution for IMAP servers - metapack
Details: It was discovered that Roundcube incorrectly handled certain file-based attachment plugins. An attacker could exploit this to gain unauthorized access to arbitrary files on the host’s file system. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS roundcube-core 1.2~beta+dfsg.1-0ubuntu1+esm5 Available with Ubuntu Pro roundcube-plugins 1.2~beta+dfsg.1-0ubuntu1+esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References:https://ubuntu.com/security/notices/USN-7200-1 <https://ubuntu.com/security/notices/USN-7200-1>
CVE-2017-16651
OpenPGP_signature.asc
Description: OpenPGP digital signature
