Dear subscribers
We just published another update to both stable versions 1.2 and 1.1
delivering important bug fixes and improvements which we picked from the
upstream branch.
Included is a fix for a recently reported XSS vulnerability within CSS
styles inside an SVG tag. See the full changelog for 1.2.4 in the wiki [1]
and for version 1.1.8 in the release notes [2].
Both versions are considered stable and we recommend to update all
productive installations of Roundcube with either of these versions.
Download them from GitHub via https://roundcube.net/download.
As usual, don't forget to backup your data before updating!
Best,
Thomas
[1] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123
[2] https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
