This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for roundcubemail fixes one security issues and two bugs.
The following vulnerability was fixed :
- CVE-2017-8114: Authenticated users may have reset
arbitrary passwords (boo#1036955)
The following upstream bugs were fixed :
- Fix regression in LDAP fuzzy search where it always used
prefix search instead
- Fix bug where base_dn setting was ignored inside
See also :
Update the affected roundcubemail package.
Risk factor :
Medium / CVSS Base Score : 6.5