FreeBSD : roundcube -- multiple vulnerabilities (038a5808-24b3-11e5-b0c8-bf4d8935d4fa)
Medium Nessus Plugin ID 84600
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionRoundcube reports :
We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially in regards of security and compatibility. The security-related fixes in particular are : * XSS vulnerability in _mbox argument * security improvement in contact photo handling * potential info disclosure from temp directory
SolutionUpdate the affected packages.