Package "roundcube-core"

Name:	roundcube-core
Description:	skinnable AJAX based webmail solution for IMAP servers
Latest version:	1.6.6+dfsg-2ubuntu0.1
Release:	noble (24.04)
Level:	security
Repository:	universe
Head package:	roundcube
Homepage:	https://www.roundcube.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "roundcube-core"

All arch deb package

APT INSTALL

Other versions of "roundcube-core" in Noble

Repository	Area	Version
base	universe	1.6.6+dfsg-2
updates	universe	1.6.6+dfsg-2ubuntu0.1

Changelog

Version: 1.6.6+dfsg-2ubuntu0.1 2025-06-21 20:07:02 UTC

roundcube (1.6.6+dfsg-2ubuntu0.1) noble-security; urgency=medium * SECURITY UPDATE: Remote code execution post authentication - debian/patches/CVE-2025-49113.patch: Updated program/actions/settings/upload.php, program/lib/Roundcube/rcube_utils.php and tests/Framework/Utils.php to validate URL parameter in upload code - CVE-2025-49113 -- Chrisa Oikonomou <email address hidden> Thu, 19 Jun 2025 13:45:34 +0300

CVE-2025-49113

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is n

About - Send Feedback to @ubuntu_updates

Package "roundcube-core"

Links

Download "roundcube-core"

Other versions of "roundcube-core" in Noble

Changelog

Share this page

Bookmarks

Latest updates

updates

security

proposed

PPA updates