🥚🐄 Moopril Update 2024 | Security Update

2024-04 (Release April 4th, 2024)

Moohoo Everyone!

With the Moopril update, two security vulnerabilities in mailcow will be closed.

  1. CVE-2024-31204: XSS Vulnerability via Exception Handler
  2. CVE-2024-30270: Path Traversal and Arbitrary Code Execution Vulnerability

Additionally, SOGo has been updated to version 5.10.0, and a bug in the domain-wide footer has been fixed.


The complete changelog, including individual commits, is available on GitHub for those interested: https://github.com/mailcow/mailcow-dockerized/releases/tag/2024-04

Thanks to Paul Gerste from Sonar for reporting the security vulnerabilities. Please always ensure your email server is up to date with patches!

Stay healthy and happy mailing.

Your mailcow team