Hey All! Recently joined a security email list for Debian and got an email this morning about a Roundcube vulnerability in CVE-2020-12626:
It’s the first time I’ve been aware of a vulnerability prior to the update coming out so I want to watch the process and understand what’s going on with it.
Being that I know we use Roundcube for our webmail through Mail-in-a-Box I ran “apt-cache policy roundcube” and these were my results:
Does that mean Roundcube is installed via a different method? When I run apt update and apt upgrade is that mainly updating packages specific to Ubuntu and not MIAB?