Skip to content

Roundcube Webmail 1.0.9
Compare
Choose a tag to compare
@thomascube thomascube released this 19 Apr 19:59
· 6165 commits to master since this release
1.0.9
This tag was signed with the committer’s verified signature.
thomascube Thomas B.
GPG key ID: D105DEA0B545B36C
Learn about vigilant mode.
cde7a9e

This is a security update to the stable version 1.0. It contains some important bug fixes and security improvements back-ported from the master branch.

It's considered stable and we recommend to update all productive installations of Roundcube 1.0.x with this version if for some reason you're not able to upgrade to the latest stable version. Please do backup your data before updating!

CHANGELOG

  • Fix a regression where some contact data was missing in export and PHP warnings were logged
  • Enable use of TLSv1.1 and TLSv1.2 for IMAP (#4955)
  • Fix XSS issue in SVG images handling (#4949)
  • Fix (again) security issue in DBMail driver of password plugin (CVE-2015-2181) (#4958)
  • Fix bug where Archive/Junk buttons were not active after page jump with select=all mode (#4961)
  • Fix bug in long recipients list parsing for cases where recipient name contained @-char (#4964)
  • Fix additional_message_headers plugin compatibility with Mail_Mime >= 1.9 (#4966)
  • Hide DSN option in Preferences when smtp_server is not used (#4967)
Assets 7
Loading