X

This website uses cookies to improve the user experience. By continuing to use this website, you agree to the use of the cookies.
For more information see our privacy policy.

Contact us Help desk Customer area Demo

Blog

Ensignia 6.5 fixes a serious security vulnerability

July 11, 2017Chris

We have just released an upgraded version of Ensignia, which fixes a serious security vulnerability discovered recently in the SquirrelMail core (CVE-2017-7692.) Due to lack of proper sanitizing of the uploaded attachments in SquirrelMail, it was possible to execute shell commands on the remote server. As you can imagine, this can be very dangerous.

The latest version of SquirrelMail fixes this problem. It also fixes a number of other issues and introduces some new options. Ensignia 6.5 that we have just released is based on the latest version of SquirrelMail core and it immune to the remote execution vulnerability.

If you’re running an older version of Ensignia, we strongly recommend that you upgrade to this latest release. If you choose not to upgrade, you’ll be leaving your server open to a security attack. Please see this document for the description of the CVE-2017-7692 bug.