Описание
Security update for roundcubemail
This update for roundcubemail to 1.1.6 fixes several issues (boo#1001856).
These security issues were fixed:
- Fix XSS issue in href attribute on area tag
- Wash position:fixed style in HTML mail for better security
These non-security issues were fixed:
- Searching in both contacts and groups when LDAP addressbook with group_filters option is used
- Use contact_search_name format in popup on results in compose contacts search
- Fix missing localization of HTML editor when assets_dir != INSTALL_PATH
- Fix handling of blockquote tags with mixed case on html2text conversion
- Fix message list multi-select/deselect issue
- Fix bug where contact search menu fields where always unchecked in Larry skin
- Fix bug where message list columns could be in wrong order after column drag-n-drop and list sorting
- Don't create multipart/alternative messages with empty text/plain part
- Fix error causing empty INBOX listing in Firefox when using an URL with user:password specified
Список пакетов
openSUSE Leap 42.1
roundcubemail-1.1.6-12.1
Ссылки
- E-Mail link for openSUSE-SU-2016:2577-1
- SUSE Security Ratings