Home

Software-update: Roundcube Webmail 1.5.7 / 1.6.7

Versie 1.6.7 van de e-mailclient Roundcube Webmail is uitgekomen. Roundcube Webmail heeft onder andere ondersteuning voor gedeelde mappen en namespaces, internationalized domain names en smtp-delivery status-notificaties. Daarnaast is de gebruikersinterface voor IMAP-mappen aangepast om zo meer ruimte te bieden voor extensies en plug-ins. De changelog voor deze uitgave kan hieronder worden gevonden:

Roundcube Webmail 1.6.7

This is a security update to the stable version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerabilities:

  • Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes.
  • Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences.
  • Fix command injection via crafted im_convert_path/im_identify_path on Windows.

    • This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!

    Changelog
  • Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313)
  • Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312)
  • Fix bug in collapsing/expanding folders with some special characters in names (#9324)
  • Fix PHP8 warnings (#9363, #9365, #9429)
  • Fix missing field labels in CSV import, for some locales (#9393)
  • Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes
  • Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
  • Fix command injection via crafted im_convert_path/im_identify_path on Windows

    • Source: Tweakers.net

    Previous

    Next