[RCD] Updates 1.2.4 and 1.1.8 released

Thomas Bruederli thomas at roundcube.net
Fri Mar 10 23:46:25 CET 2017


Dear subscribers

We just published another update to both stable versions 1.2 and 1.1
delivering important bug fixes and improvements which we picked from the
upstream branch.

Included is a fix for a recently reported XSS vulnerability within CSS
styles inside an SVG tag. See the full changelog for 1.2.4 in the wiki [1]
and for version 1.1.8 in the release notes [2].

Both versions are considered stable and we recommend to update all
productive installations of Roundcube with either of these versions.
Download them from GitHub via https://roundcube.net/download.

As usual, don't forget to backup your data before updating!

Best,
Thomas


[1] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123
[2] https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.roundcube.net/pipermail/dev/attachments/20170310/19fb3a47/attachment.html>


More information about the dev mailing list