Software update: Roundcube Webmail 1.6.3

By admin on September 16, 2023
Spread the love

Version 1.6.3 of Roundcube Webmail has been released. The main feature of this email web client written in PHP is that Ajax technology is used to display the user interface, which gives a modern and smooth impression. Roundcube Webmail has support for shared folders and namespaces, internationalized domain names and SMTP delivery status notifications, among other things. In addition, the user interface for IMAP folders has been adjusted to provide more space for extensions and plug-ins. The changelog for version 1.6.3 can be found below:

Roundcube Webmail 1.6.3

This is a security update to the stable version 1.6 of Roundcube Webmail.
It provides a fix to a recently reported XSS vulnerability:

  • Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.

This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!

Changelog

  • Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
  • Update jQuery-UI to version 1.13.2 (#9041)
  • Fix regression that broke use_secure_urls feature (#9052)
  • Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
  • Fix bug where a duplicate tag in HTML email could cause some parts being cut off (<a href="https://github.com/roundcube/roundcubemail/issues/9029">#9029</a>)
  • Fix bug where a list of folders could have been sorted incorrectly (#9057)
  • Fix regression where LDAP addressbook ‘filter’ option was ignored (#9061)
  • Fix wrong order of a multi-folder search result when sorting by size (#9065)
  • Fix so install/update scripts do not require PEAR (#9037)
  • Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)
  • Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)
  • Fix PHP8 deprecation warning in the reconnect plugin (#9083)
  • Fix “Show source” on mobile with x_frame_options = deny (#9084)
  • Fix various PHP warnings (#9098)
  • Fix deprecated use of ldap_connect() in password’s ldap_simple driver (#9060)
  • Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages

Version number 1.6.3
Release status Final
Operating systems Script language
Website Roundcube Webmail
Download https://github.com/roundcube/roundcubemail/releases/tag/1.6.3
License type GPL
.fb-background-color { background: #ffffff !important; } .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; }
Share
Related Posts

Android 14 beta brings support for a desktop mode

Good news for TSMC: its 3nm node will take flight in 2024 thanks to the push of these three companies

The most boring technology of the 21st century: Intel has only grown 5% since 2000

Google Password Manager can start sharing passwords with partners or children

PlayStation 5 beta update improves audio from DualSense controller

Rumor: Android 15 puts apps in ‘edge-to-edge’ mode by default

The Senate appears to want to maintain the netting arrangement