Roundcube Project News - Securiry

28 November 2016

Updates 1.2.3 and 1.1.7 released

We just published another update to the both stable versions 1.2 and 1.1 delivering important bug fixes and improvements which we picked from the upstream branch.

Read more...
28 September 2016

Updates 1.2.2 and 1.1.6 published

We just published updates to both stable versions 1.2 and 1.1 delivering important bug fixes and and again more improvements of the Enigma plugin introduced in version 1.2. Version 1.1.6 comes with cherry-picked fixes from the more recent version and improvements in contacts searching as well as a few localization fixes.

Read more...
20 April 2016

Updates 1.1.5 and 1.0.9 published

We just published updates to both stable versions 1.0 and 1.1 delivering important bug fixes and helps protecting Roundcube against more XSS and CSRF attacks. Version 1.1.5 also has two new plugin hooks integrated and version 1.0.9 comes with cherry-picked fixes from the more recent version to ensure proper long term support.

Read more...
26 December 2015

Updates 1.1.4 and 1.0.8 released

We just published updates to both stable versions 1.0 and 1.1 delivering important bug fixes one of which seals a potential path traversal vulnerability reported by High-Tech Bridge Security Research Lab.

Read more...
24 January 2015

Security update 1.0.5 released

We just published a security update to the stable version 1.0. Beside a recently reported Cross-Site-Scripting vulnerability, this release also contains some bug fixes and improvements we found important for the long term support branch of Roundcube.

Read more...
18 December 2014

Update 1.0.4 released

We’re proud to announce the next service release to the stable version 1.0. It contains a security fix along with some bug fixes and improvements for the long term support branch of Roundcube. The most important ones are:

Read more...
21 October 2013

Security updates 0.9.5 and 0.8.7

We just published new releases which fix a recently reported vulnerability that allows an attacker to overrwrite configuration settings using user preferences. This can result in random file access, manipulated SQL queries and even code execution. The latter one only affects versions 0.8.6 and older.

Read more...
27 March 2013

Security updates 0.8.6 and 0.7.3

We just published new releases which fix a recently reported vulnerability that allows an attacker to access files on the server. Please update your installations with the new versions or patch them with the fix which is also published in the downloads section or our sourceforge.net page.

Read more...

Back to News Overview

Latest posts from the planet Roundcube blogs

11 December 2016

vCard in QR code

Another small feature that will be available in Roundcube 1.3.  read more

02 December 2016

Contact identicons

Identicons (avatars, sigils) are meant to give a recognizable image that identifies specified entity  read more

10 October 2016

"Mark all as read" option

It was already possible to mark selected messages as read, but it required a few clicks.  read more

17 September 2016

Widescreen layout aka three column view

Most of modern mail clients already use three column layout and so does Roundcube now  read more

30 July 2016

New options for compose attachments

Attachments list was extended with possibility to open and download uploaded files  read more

24 July 2015

WebP and MathML support

What you can do with these formats right now and what are the limitations  read more

26 April 2016

Roundcube for Mobile Devices

How to install the Melanie2 Larry Mobile theme  read more

28 March 2016

Message/RFC822 attachment preview

Open attached messages as regular ones  read more

13 October 2015

Enigma plugin (PGPP encryption)

Fully featured encrytpion using server-side GnuPG  read more