Update 1.0.10 released

Published: 06 April 2017

Tags:
releases
updates
security

We just published a security update to the LTS version 1.0. It contains some important bug fixes and security improvements backported from the master version.

Fix vulnerability in handling of mail()’s 5th argument
Fix XSS issue in href attribute on area tag
Wash position:fixed style in HTML mail for better security
Don’t create multipart/alternative messages with empty text/plain part

It’s considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net/download.

Please do backup before updating!

Return to News overview

Update 1.6.6 released
Nextcloud – the new home for Roundcube
Security updates 1.6.5 and 1.5.6 released
Security updates 1.5.5 and 1.4.15 released
Security update 1.6.4 released