Dear Roundcube users
We just released a security update to the stable version 1.0 of
Roundcube webmail. Beside a recently reported Cross-Site-Scripting
vulnerability, it also contains some bug fixes and improvements we
found important for the long term support branch of Roundcube.
The fixed XSS issue is documented here: http://trac.roundcube.net/ticket/1490227
See the full changelog here: http://trac.roundcube.net/wiki/Changelog
It's considered stable and we recommend to update all productive
installations of Roundcube with this version. Download it from
http://roundcube.net/download.
And like always: backup before updating!
Kind regards,
Thomas