Package "roundcube"

Name:	roundcube
Description:	skinnable AJAX based webmail solution for IMAP servers - metapackage
Latest version:	1.6.8+dfsg-2ubuntu0.1
Release:	oracular (24.10)
Level:	updates
Repository:	universe
Homepage:	https://www.roundcube.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "roundcube"

All arch deb package

APT INSTALL

Other versions of "roundcube" in Oracular

Repository	Area	Version
base	universe	1.6.8+dfsg-2
security	universe	1.6.8+dfsg-2ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.6.8+dfsg-2ubuntu0.1 2025-06-20 00:07:28 UTC

roundcube (1.6.8+dfsg-2ubuntu0.1) oracular-security; urgency=medium * SECURITY UPDATE: Remote code execution post authentication - debian/patches/CVE-2025-49113.patch: Updated program/actions/settings/upload.php, program/lib/Roundcube/rcube_utils.php and tests/Framework/Utils.php to validate URL parameter in upload code - CVE-2025-49113 -- Chrisa Oikonomou <email address hidden> Wed, 04 Jun 2025 15:41:15 +0300

CVE-2025-49113

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is n

About - Send Feedback to @ubuntu_updates

Package "roundcube"

Links

Download "roundcube"

Other versions of "roundcube" in Oracular

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates