Package "roundcube"

Name:	roundcube
Description:	skinnable AJAX based webmail solution for IMAP servers - metapackage
Latest version:	1.6.10+dfsg-1ubuntu0.1
Release:	plucky (25.04)
Level:	security
Repository:	universe
Homepage:	https://www.roundcube.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "roundcube"

All arch deb package

APT INSTALL

Other versions of "roundcube" in Plucky

Repository	Area	Version
base	universe	1.6.10+dfsg-1
updates	universe	1.6.10+dfsg-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.6.10+dfsg-1ubuntu0.1 2025-06-19 17:11:41 UTC

roundcube (1.6.10+dfsg-1ubuntu0.1) plucky-security; urgency=medium * SECURITY UPDATE: Remote code execution post authentication - debian/patches/CVE-2025-49113.patch: Updated program/actions/settings/upload.php, program/lib/Roundcube/rcube_utils.php and tests/Framework/Utils.php to validate URL parameter in upload code - CVE-2025-49113 -- Chrisa Oikonomou <email address hidden> Wed, 04 Jun 2025 11:06:44 +0300

CVE-2025-49113

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is n

About - Send Feedback to @ubuntu_updates

Package "roundcube"

Links

Download "roundcube"

Other versions of "roundcube" in Plucky

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

security

updates

PPA updates