Security updates 1.7-rc6, 1.6.15 and 1.5.15 released

We just published security updates to the 1.6 and 1.5 LTS versions of Roundcube Webmail, as well as a release candidate for coming 1.7. They contain fixes for recently reported set of security vulnerabilities.

Security fixes

• SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

See the full changelogs in the release notes on the Github download pages for the updated versions

• 1.7-rc6
• 1.6.15
• 1.5.15.

We strongly recommend to update your productive installations of Roundcube with this new versions.