Versie 1.6.3 van Roundcube Webmail is uitgekomen. De voornaamste eigenschap van deze in php geschreven e-mailwebclient is dat Ajax-technologie wordt gebruikt om de gebruikersinterface te tonen, wat een moderne en vlotte indruk geeft. Roundcube Webmail heeft onder andere ondersteuning voor gedeelde mappen en namespaces, internationalized domain names en smtp-delivery status-notificaties. Daarnaast is de gebruikersinterface voor IMAP-mappen aangepast om zo meer ruimte te bieden voor extensies en plug-ins. De changelog voor versie 1.6.3 kan hieronder worden gevonden:
Roundcube Webmail 1.6.3This is a security update to the stable version 1.6 of Roundcube Webmail.
It provides a fix to a recently reported XSS vulnerability:
- Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.
This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!
Changelog
- Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
- Update jQuery-UI to version 1.13.2 (#9041)
- Fix regression that broke use_secure_urls feature (#9052)
- Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
- Fix bug where a duplicate
<title>tag in HTML email could cause some parts being cut off (#9029)- Fix bug where a list of folders could have been sorted incorrectly (#9057)
- Fix regression where LDAP addressbook 'filter' option was ignored (#9061)
- Fix wrong order of a multi-folder search result when sorting by size (#9065)
- Fix so install/update scripts do not require PEAR (#9037)
- Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)
- Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)
- Fix PHP8 deprecation warning in the reconnect plugin (#9083)
- Fix "Show source" on mobile with x_frame_options = deny (#9084)
- Fix various PHP warnings (#9098)
- Fix deprecated use of ldap_connect() in password's ldap_simple driver (#9060)
- Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages
:strip_exif()/i/2003187436.png?f=thumbmedium)