openSUSE Security Update : roundcubemail (openSUSE-SU-2012:1124-1)
Medium Nessus Plugin ID 74742
SynopsisThe remote openSUSE host is missing a security update.
Description- Update to version 0.8.1
- lot of bugfixes and new features including new skin (please check the CHANGELOG)
- contains security related fixes (bnc#777446)
- Fix XSS vulnerability in message subject handling using Larry skin (CVE-2012-3507)
- Fix XSS issue where plain signatures wasn't secured in HTML mode (CVE-2012-3508)
SolutionUpdate the affected roundcubemail package.