Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="4533">
  <issue id="962067" tracker="bnc">VUL-0: CVE-2015-8770: roundcubemail: remote code execution by path traversal</issue>
  <issue id="CVE-2015-8770" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>aeneas_jaissle</packager>
  <description>
This update to roundcubemail 1.1.4 fixes the following issues:

- CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method (boo#962067)

This update also contains all upstream fixes in 1.1.4.
The package was updated to use generic PHP requirements for use with other prefixes than "php5-"
</description>
  <summary>Security update for roundcubemail</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places