Skip to content

Roundcube Webmail 1.2.4
Compare
Choose a tag to compare
@thomascube thomascube released this 10 Mar 22:18
· 4499 commits to master since this release
1.2.4
This tag was signed with the committer’s verified signature.
thomascube Thomas B.
GPG key ID: D105DEA0B545B36C
Learn about vigilant mode.
cbd3562

This is another service release to update the stable version 1.2. It contains some important bug fixes and improvements which we picked from the upstream branch. A detailed list of changes is shown below.

It's considered stable and we recommend to update all productive installations of Roundcube with this version. Please do backup your data before updating!

CHANGELOG

  • Managesieve: Fix handling of scripts with nested rules (#5540)
  • Managesieve: Fix parser issue with empty lines between comments (#5657)
  • Managesieve: Fix possible defect in handling \r\n in scripts (#5685)
  • Enigma: Fix handling of messages with nested PGP encrypted parts (#5634)
  • Enigma: Fix PHP fatal error when decrypting a message with invalid signature (#5555)
  • Enigma: Fix missing require statement for Crypt_GPG_KeyGenerator (#5641)
  • Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity (#5544)
  • Fix adding images to new identity signatures
  • Fix rsync error handling in installto.sh script (#5562)
  • Fix some advanced search issues with multiple addressbooks (#5572)
  • Fix so group/addressbook selection is retained on page refresh
  • Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
  • Fix bug where external content in src attribute of input/video tags was not secured (#5583)
  • Fix PHP error on update of a contact with multiple email addresses when using PHP 7.1 (#5587)
  • Fix bug where mail content frame couldn't be reset in some corner cases (#5608)
  • Fix bug where some classic skin images were not displayed in IE/Edge (#5614)
  • Fix bug where signature couldn't be added above the quote in Firefox 51 (#5628)
  • Fix regression where groups with email address were resolved to its members' addresses
  • Fix update of group name in the contacts list header on group rename (#5648)
  • Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630)
  • Fix bug where it was too easy accidentally move a folder when using the subscription checkbox (#5655)
  • Fix XSS issue in handling of a style tag inside of an svg element (CVE-2017-6820)
Assets 8
Loading