An update is available for the roundcubemail packages that ship with Kolab Enterprise 14 (version series 1.1) and Kolab 16 (version series 1.3).

Among minor bug-fixes, this update contains the fix for CVE-2017-16651, an authenticated remote file disclosure vulnerability.