Security updates for LTS version 1.0.x

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Security updates for LTS version 1.0.x

UDE Security
Hello,
will there be a security update for the vulnerability CVE-2017-6820
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6820)?

The roundcube web page announces a "low maintenance" support of version
1.0.x.
As far as I know this version isn't officially discontinued and  not out
of support, is it?

Thanks in advance,
Rainer
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Security updates for LTS version 1.0.x

Thomas Bruederli-2
Hello Rainer

The 1.0.x series is not affected as it doesn't support SVG elements but the fix for that particular issue was a rather general one and we'll publish an update to that series soon.

Best,
Thomas


On Mon, Mar 27, 2017 at 10:30 AM, Security <[hidden email]> wrote:
Hello,
will there be a security update for the vulnerability CVE-2017-6820 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6820)?

The roundcube web page announces a "low maintenance" support of version 1.0.x.
As far as I know this version isn't officially discontinued and  not out of support, is it?

Thanks in advance,
Rainer
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users