Date: Tue, 3 Jun 2025 16:16:49 GMT From: Alex Dupre <ale@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 6f8445081395 - main - security/vuxml: add entry for roundcube. Message-ID: <202506031616.553GGn2c038152@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by ale: URL: https://cgit.FreeBSD.org/ports/commit/?id=6f84450813950b1a144e09e8c171e7ac893a7f4b commit 6f84450813950b1a144e09e8c171e7ac893a7f4b Author: Alex Dupre <ale@FreeBSD.org> AuthorDate: 2025-06-03 16:16:08 +0000 Commit: Alex Dupre <ale@FreeBSD.org> CommitDate: 2025-06-03 16:16:08 +0000 security/vuxml: add entry for roundcube. PR: 287208 Submitted by: Christos Chatzaras <chris@cretaforce.gr> --- security/vuxml/vuln/2025.xml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 652683ab6f4a..d1d98e5d9370 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,29 @@ + <vuln vid="0d6094a2-4095-11f0-8c92-00d861a0e66d"> + <topic>Post-Auth Remote Code Execution found in Roundcube Webmail</topic> + <affects> + <package> + <name>roundcube</name> + <range><lt>1.6.11</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Roundcube Webmail reports:</p> + <blockquote cite="https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10">; + <p>Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-49113</cvename> + <url>https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10</url>; + </references> + <dates> + <discovery>2025-06-01</discovery> + <entry>2025-06-03</entry> + </dates> + </vuln> + <vuln vid="dc99c67a-3fc9-11f0-a39d-b42e991fc52e"> <topic>Gimp -- GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202506031616.553GGn2c038152>