Multiple vulnerabilities has been found and corrected in transmission:
A number of dependency probles were discovered and has been corrected
with this release (#56006).
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail
0.2.2 and earlier allows remote attackers to hijack the authentication
of unspecified users for requests that modify user information via
unspecified vectors, a different vulnerability than CVE-2009-4077
(CVE-2009-4076).
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail
0.2.2 and earlier allows remote attackers to hijack the authentication
of unspecified users for requests that send arbitrary emails via
unspecified vectors, a different vulnerability than CVE-2009-4076
(CVE-2009-4077).
The updated packages have been patched to correct these
issues. Additionally roundcubemail has been upgraded to 0.2.2 that
also fixes a number of upstream bugs…
