The Roundcube Project News

Update 1.3.8 released

26 October 2018

We proudly announce the next service release to update the stable version 1.3.

Continue reading

We proudly announce the beta release of the next major version 1.4 of Roundcube webmail. With this milestone we introduce some new features:

Continue reading

We proudly announce the next service release to update the stable version 1.3. It contains fixes to several bugs backported from the master branch including a security fix mitigating the EFAIL issue recently discovered in OpenPGP.

Continue reading

As a follow-up to the recent security update for the stable versions 1.2. and 1.1, this new release fixes a regression that sneaked in with the IMAP command injection protection which unintentionally disabled actions that operate on all selected messages (e.g. mark all as junk).

Continue reading

Following the recent security update for 1.3, here now come the promised updates for the LTS versions 1.2 and 1.1. They both fix the recently reported vulnerability allowing IMAP command injection via a GET parameters. More details about this are published under CVE-2018-9846.

Continue reading

We just published a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under CVE-2018-9846.

Continue reading

Want more?


Latest posts from the planet Roundcube blogs