Announce

announce@lists.roundcube.net

1 participants
141 discussions

[RCD] Security updates 1.5.10 and 1.6.11 released
by Aleksander Machniak 01 Jun '25

01 Jun '25

We just published security updates to the 1.6 and 1.5 LTS versions of Roundcube Webmail. They both contain a fix for recently reported security vulnerability. Security fixes: - Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v. See the full changelogs in the release notes on the Github download pages for the updated versions 1.6.11 and 1.5.10. https://github.com/roundcube/roundcubemail/releases/tag/1.6.11 https://github.com/roundcube/roundcubemail/releases/tag/1.5.10 We strongly recommend to update all productive installations of Roundcube 1.6.x and 1.5.x with this new versions. -- Alec

1 0

Update 1.6.10 released
by Aleksander Machniak 08 Feb '25

08 Feb '25

This is the next service release to update the stable version 1.6. Here's the full changelog: - IMAP: Partial support for ANNOTATE-EXPERIMENT-1 extension (RFC 5257) - OAuth: Support standard authentication with short-living password received with OIDC token (#9530) - Fix PHP warnings (#9616, #9611) - Fix whitespace handling in vCard line continuation (#9637) - Fix current script state after initial scripts creation in managesieve_kolab_master mode - Fix rcube_imap::get_vendor() result (and PHP warning) on Zimbra server (#9650) - Fix regression causing inline SVG images to be missing in mail preview (#9644) - Fix plugin "virtuser_file" to handle backward slashes in username (#9668) - Fix PHP fatal error when parsing some malformed BODYSTRUCTURE responses (#9689) - Fix insert_or_update() and reading database server config on PostgreSQL (#9710) - Fix Oauth issues with use_secure_urls=true (#9722) - Fix handling of binary mail parts (e.g. PDF) encoded with quoted-printable (#9728) - Fix links in comments and config to https:// where available (#9759, #9756) - Fix decoding of attachment names encoded using both RFC2231 and RFC2047 standards (#9725) This version is considered stable and we recommend to update all productive installations of Roundcube with it. Please do backup your data before updating! https://github.com/roundcube/roundcubemail/releases/tag/1.6.10 Please do backup your data before updating! -- Alec

1 0

[RCD] Updates 1.5.9 and 1.6.9 released
by Aleksander Machniak 02 Sep '24

02 Sep '24

These are immediate service releases to fix regressions introduced in the most recent security updates. Both releases contain two following fixes: - Fix regression where printing/scaling/rotating image attachments was broken (#9571) - Fix regression where HTML messages were displayed unstyled (#9586) These releases are considered stable and we recommend to update all productive installations of Roundcube with these. Download it from roundcube.net. https://github.com/roundcube/roundcubemail/releases/tag/1.6.9 https://github.com/roundcube/roundcubemail/releases/tag/1.5.9 We strongly recommend to update all productive installations of Roundcube 1.6.x and 1.5.x with this new versions. Please do backup your data before updating! -- Alec _______________________________________________ Dev mailing list -- dev(a)lists.roundcube.net To unsubscribe send an email to dev-leave(a)lists.roundcube.net

1 0

[Roundcube Announce]Welcome back!
by Jos Poortvliet 03 Mar '24

03 Mar '24

Dear Roundcube community! You might not have seen any emails on these lists for a while, but we're back! For those not keeping a very close eye on Roundcube developments and note my @nextcloud.com email address: 👋 Hi there! Late last year, Roundcube found a new home with the Nextcloud community. You can read all about it here: <https://nextcloud.com/blog/open-source-email-pioneer-roundcube-comes-aboard…> If you have questions, I'll do my best to answer them, you can ask on the list but you can also engage on our forum: <https://help.nextcloud.com/c/roundcube/188> We are still looking for prospective Roundcube developers to join Nextcloud, so if you're looking for a position, check out: <https://nextcloud.com/jobs> and send us your resume. In the coming months, some developers will join us and take up Roundcube improvements. Once they are on-board, we will share more information here. Until then, the three mailing lists are back up and open for business: ## Announce https://lists.roundcube.net/postorius/lists/announce.lists.roundcube.net/ Read-only list with announcements of new versions, security bugs and more. ## Dev https://lists.roundcube.net/postorius/lists/dev.lists.roundcube.net/ All topics related to the development of Roundcube Webmail. ## Users https://lists.roundcube.net/postorius/lists/users.lists.roundcube.net/ All topics related to the use and administration of Roundcube Webmail. Users help each other here so please be kind! I wish you all the very best of times and let's make 2024 a great year for Roundcube - and Nextcloud! Greetings, Jos Poortvliet Director Communications oOo Nextcloud - regain control over your data jos.poortvliet(a)nextcloud.com nextcloud.com +49 171 121 7528 Nextcloud GmbH Hauptmannsreute 44A, 70192 Stuttgart Germany GF: Frank Karlitschek HRB 227086 (AG München)

1 0

Update 1.6.1 released
by Thomas Bruederli 23 Jan '23

23 Jan '23

Dear subscribers We just released the first service update to the new stable version 1.6. It provides a bunch of small fixes and improvements after getting your feedback from the 1.6.0 release. See the full changelog in the release notes <https://github.com/roundcube/roundcubemail/releases/tag/1.6.1> on the Github download page. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net <https://roundcube.net/download>. Please do backup your data before updating! Upgrading the Complete Package Attention when upgrading Roundcube using the complete package! The installto.sh script does not update the vendor folder of the installation target. If you’re not using Composer to install plugins or other dependencies, please remove the composer.json file of your Roundcube installation before running the installto.sh script. If you have Composer installed, run composer update --no-dev to complete the upgrade. Kind regards, Thomas & Alec

1 0

Update 1.5.3 released
by Thomas Bruederli 26 Jun '22

26 Jun '22

Dear subscribers We just published the third service release to update the stable version 1.5. It provides a bunch of small fixes and improvements for the PHP8 compatibility. See the full changelog in the release notes on the Github download page: https://github.com/roundcube/roundcubemail/releases/tag/1.5.3 This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from https://roundcube.net/download. Please do backup your data before updating! Kind regards Thomas & Alec

1 0

Roundcube webmail 1.6 release candidate released
by Aleksander Machniak 12 Jun '22

12 Jun '22

This is the release candidate for the next major version 1.6 of Roundcube webmail. It includes a small number of improvements and fixes in comparison to the beta release. For more information read the changelogs. https://github.com/roundcube/roundcubemail/releases/tag/1.6-rc https://github.com/roundcube/roundcubemail/releases/tag/1.6-beta We believe it is production ready, but we recommend to test it on a separate environment. And don't forget to backup your data before installing it. ps. This is the first time I created a Roundcube release, I hope that all works as it should. Cheers, Alec

1 0

Roundcube webmail 1.6 beta released
by Thomas Bruederli 06 Mar '22

06 Mar '22

Dear subscribers We proudly announce the beta release for the next major version 1.6 of Roundcube webmail. With this milestone we cleaned up the code and bring full support for PHP 8.1. The most noteworthy changes are: - PHP 8.1 support - Dropped support for PHP < 7.3 - Support responses (snippets) in HTML format - Option to purge deleted mails older than 30, 60 or 90 days - Unified and simplified services connection config options - Removed the Classic and Larry skins from the release packages - SQLite: Use foreign keys, require SQLite >= 3.6.19 Adding support for PHP 8.1 again required some refactoring of the Roundcube codebase and removing/replacing now deprecated PHP code. We also used this cleaning efforts and simplified Roundcube's config options a bit. *Breaking Changes* Some config options have either been removed or renamed. Read the details in the release announcement <https://roundcube.net/news/2022/03/06/roundcube-1.6-beta-released> on our website or in the release notes <https://github.com/roundcube/roundcubemail/releases/tag/1.6-beta>. If you used the Larry or the Classic skin in your deployment, you need to install them manually as they are no longer part of the release packages. They can easily be installed via Composer. See the full changelog in the release notes on the Github download page <https://github.com/roundcube/roundcubemail/releases/tag/1.6-beta>. This is a beta release and we recommend to test it on a separate environment. Download it from roundcube.net <https://roundcube.net/download/>. Migrate existing configs with either the installto.sh or the update.sh scripts. And don't forget to backup your data before installing it. Cheers, Thomas & Alec

1 0

New Roundcube webmail releases
by Thomas Bruederli 26 Jan '22

26 Jan '22

Dear subscribers Due to some technical issues with our mailing lists, it was not possible for us to announce new releases through this list. Please accept our apologies for this inconvenience. There were a few releases for Roundcube Webmail since the last post to this list so please read about them in our news stream at https://roundcube.net/news/ Kind regards, Thomas

1 0

Roundcube Webmail 1.5.0 released
by Thomas Bruederli 18 Oct '21

18 Oct '21

Dear subscribers We proudly announce the final release of the next major version 1.5 of Roundcube webmail. With this milestone we introduce new features and full PHP 8.0 support. The most noteworthy additions are: - Dark mode for Elastic skin - OAuth2/XOauth support (with plugin hooks) - Collected recipients and trusted senders - Moving recipients between inputs with drag & drop - Full unicode support with MySQL database - Support of IMAP LITERAL- extension RFC 7888 <https://datatracker.ietf.org/doc/html/rfc7888> - Support of RFC 2231 <https://datatracker.ietf.org/doc/html/rfc2231> encoded names - Cache refactoring See the full changelog in the release notes <https://github.com/roundcube/roundcubemail/releases/tag/1.5.0> on the Github download page. We also disabled the spell checking feature using spell.roundcube.net by default because some privacy concerns were raised. It now needs to be enabled explicitly by setting the enable_spellcheck config option to true. In case you’re running Roundcube directly from source or if you’re not using the complete package, you need to install 3rd party PHP and JavaScript modules manually. See this post for more details <https://roundcube.net/news/2021/10/18/roundcube-1.5.0-released>. This release is considered stable and we encourage you to update your productive installations after carefully testing the upgrade scenario. Download it from roundcube.net <https://roundcube.net/download>. With the release of Roundcube 1.5.0, the previous stable release branches 1.4.x and 1.3.x will change into LTS low maintenance mode which means they will only receive important security updates but no longer any regular improvement updates. The 1.2.x series is no longer supported and maintained. Kind regards Alec & Thomas

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Announce