We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Roundcube Security Vulnerability prior v1.2.3
Roundcube Security Vulnerability prior v1.2.3
is this an issue? and is it fixed? :-D
if not: how can i disable / uninstall coundcube i am not using it... thanks!
https://github.com/roundcube/roundcube ... elease-123
heise Security
08.12.2016 17:58 Uhr
https://www.heise.de/newsticker/meldung ... itrag.atom
if not: how can i disable / uninstall coundcube i am not using it... thanks!
https://github.com/roundcube/roundcube ... elease-123
heise Security
08.12.2016 17:58 Uhr
https://www.heise.de/newsticker/meldung ... itrag.atom
Re: Roundcube Security Vulnerability prior v1.2.3
To use this security breach you will need to have a local email account - so it is not a big problem like it is written on heise.de. As soon, as the new package is published (roundcube-core), you can install it over system upgrade (apt-get upgrade / yum update).
VestaCP does not provide an own roundcube version, if you want to disable roundcube, you can to this for example by removing the /webmail alias from the system:
if you want to re-enable it, you can create again the symlink:
This will work for Ubuntu and Debian, should be a similar way for CentOS/Redhat systems.
VestaCP does not provide an own roundcube version, if you want to disable roundcube, you can to this for example by removing the /webmail alias from the system:
Code: Select all
rm /etc/apache2/conf.d/roundcube.conf
service apache2 restart
Code: Select all
ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
service apache2 restart
Re: Roundcube Security Vulnerability prior v1.2.3
There seems to be no security issue with exim4 and VestaCP, the needed switches (-X and -O) will be ignored from exim4 sendmail. Source: https://www.heise.de/forum/heise-Securi ... 5767/show/
Re: Roundcube Security Vulnerability prior v1.2.3
Thank you for your fast and competent answers :)
(Y) *thumbs*up*
(Y) *thumbs*up*