Login
Register
Home
Wiki Knowledge Base
FreeDNS
Facebook
Linux Support
Control Web Panel
MENU
Home
Help
Search
Login
Register
Control Web Panel
»
WebPanel
»
E-Mail
»
roundcube CVE-2023-5631
« previous
next »
Print
Pages: [
1
]
Author
Topic: roundcube CVE-2023-5631 (Read 1233 times)
0 Members and 1 Guest are viewing this topic.
adixyo
Newbie
Posts: 1
roundcube CVE-2023-5631
«
on:
October 31, 2023, 08:09:20 PM »
CVE-2023-5631 -
https://nvd.nist.gov/vuln/detail/CVE-2023-5631
Is an update planned?
Manual update fail, bad php version etc. Does anyone have version 1.4.15 of Roundcube?
Logged
tomkolp
Newbie
Posts: 14
Re: roundcube CVE-2023-5631
«
Reply #1 on:
November 05, 2023, 07:52:59 PM »
Roundcubemail has long been unsupported in cwp. Now this is a security risk. Each of my domains allows access to rouncubemail via the /webmail suffix.
How will it turn off along with the whole roundube?
Have you tried installing version 1.5.6? I haven't tried it yet, but the 1.5.x series works for me, the php problem is from 1.6.x.
Edit:
I followed this guide, just change the version from 1.5.4 to 1.5.6 everywhere and it works:
https://www.alphagnu.com/topic/33-update-cwp-roundcube-mail-version-154-%E2%80%93-control-web-panel/
«
Last Edit: November 05, 2023, 08:36:47 PM by tomkolp
»
Logged
overseer
Hero Member
Posts: 1106
Re: roundcube CVE-2023-5631
«
Reply #2 on:
November 06, 2023, 03:55:52 PM »
As far as I know, Sandeep's post there is the last semi-official word on roundcube under CWP. So that's where I have things -- 1.5.6.
Logged
Print
Pages: [
1
]
« previous
next »
Control Web Panel
»
WebPanel
»
E-Mail
»
roundcube CVE-2023-5631