Recent content by Flashdown

Adding: and I guess you don't want to miss the Regression/follow-up for CVE-2024-42008 as well Fix regression where printing/scaling/rotating image attachments was … · roundcube/roundcubemail@32fed15

For those like me who cannot wait, here are all the 3 fixes for the CVE's to fix on your own risk, as always..hf! Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] https://github.com/roundcube/roundcubemail/commit/68af7c864a36e1941764238dac440ab0d99a8d26 Fix...

I have checked it and there where no further changes between 1.6.3 and 1.6.4 so you can apply the patch on 18.0.56 Update #1 by running this, at your own risk as I did: cp /usr/share/psa-roundcube/program/lib/Roundcube/rcube_washtml.php /root/ cd /root/ && wget...

Well this looks dangerous to me. Why? -> First of all you are getting the file from the current master branch, usually when a version is released then this branch will be used for the next version, so this is what makes it dangerous in terms of possible incompatibilities. Next, I didnt check...

Hello together, I assume when you ensure that you run the latest roundcube 1.6.3 shipped by plesk packages, that you should be able to implement the following changes manually that should be overwritten automatically as soon as plesk ships 1.6.4 (You may better wait for an official confirmation...