Versie 1.6.7 van de e-mailclient Roundcube Webmail is uitgekomen. Roundcube Webmail heeft onder andere ondersteuning voor gedeelde mappen en namespaces, internationalized domain names en smtp-delivery status-notificaties. Daarnaast is de gebruikersinterface voor IMAP-mappen aangepast om zo meer ruimte te bieden voor extensies en plug-ins. De changelog voor deze uitgave kan hieronder worden gevonden:
Roundcube Webmail 1.6.7This is a security update to the stable version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerabilities:
- Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes.
- Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences.
- Fix command injection via crafted im_convert_path/im_identify_path on Windows.
This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!
Changelog
- Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313)
- Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312)
- Fix bug in collapsing/expanding folders with some special characters in names (#9324)
- Fix PHP8 warnings (#9363, #9365, #9429)
- Fix missing field labels in CSV import, for some locales (#9393)
- Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes
- Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
- Fix command injection via crafted im_convert_path/im_identify_path on Windows

/u/1273008/crop68f8983a85676_cropped.png?f=community)
:strip_icc():strip_exif()/u/270673/8ball-blue-60x60px.jpg?f=community)
/u/132085/crop5852b17316040_cropped.png?f=community)
:strip_icc():strip_exif()/u/206489/crop60aa920895686_cropped.jpg?f=community)
:strip_icc():strip_exif()/u/277895/crop5eda5f3273e75_cropped.jpeg?f=community)
:strip_icc():strip_exif()/u/216854/crop5c1bbcb02dcee_cropped.jpeg?f=community)