Roundcube Community Forum

News and Announcements => News & Announcements => Topic started by: bpat1434 on December 09, 2009, 03:20:55 PM

Title: RoundCube News: Security update for 0.2-beta
Post by: bpat1434 on December 09, 2009, 03:20:55 PM

There were two security issues reported which are now fixed. The first was as possible code injection using the html2text conversion script. The other exploit used the unchecked size parameters of the quota image to let PHP create huge images eating up all the server memory.  (0 comments (http://sourceforge.net/news/?group_id=139281&id=256318))

More... (http://sourceforge.net/news/?group_id=139281&id=256318)